Twig is a template engine for PHP and it is part of the Symfony2 framework. Drupal 8 Twig replaces as the default templating engine.
* By default, the twig theming engine compiles templates into PHP code and stores the compiled code in memory.
* Compiled code is unsuitable for development, Since Changes in twig templates are not immediately updated in your Drupal site.
development.services.yml
parameters:
twig.config:
debug: true
auto_reload: true
cache: false
http.response.debug_caceability_headers: true
services:
cache.backend.null:
class: Drupal\Core\Cache|NullBackendFactory
SECURITY FIRST:
* Twig automatically escapes the output by default, making Drupal 8 one of the most secure versions yet.
* For Drupal 7, as a whole, most security advisers were for cross-site scripting (XSS) vulnerabilities in contributed projects.
* with Drupal core, using twig, these security advisories should be severely reduced.
- Add new comment
- 140 views
