• flask
  • jinja
  • escape
  • javascript

Flask’s Jinja environment escapes rendered data in HTML templates for security. Rather than dumping the JSON themselves, the user should use the |tojson filter. If they have dumped it, they can wrap it with Markup, or use the |safe filter. |tojson marks the data safe automatically.