Description
Summary
Currently, autoescaping is enabled for all templates ending in .html, .htm, .xml as well as .xhtml when using render_template() (https://flask.palletsprojects.com/en/2.2.x/templating/).
As SVG files are very similar in nearly all aspects to XML files, .svg should also be autoescaped.
Problem
In this example, trying to insert a title into an SVG to render, an error will occur if the title contains unescaped text such as an ampersand (e.g. "TEST & EXAMPLE").
In a main.svg template file:

```xml
<svg xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width="250" height="220" viewBox="0 0 250 220">
  <text fill="#ffffff" font-family="Roboto, Segoe UI, Ubuntu, Arial, sans-serif" font-weight="600" font-size="15px">
    {{ title }}
  </text>
</svg>
```

```python
render_template("main.svg", title="TEST & EXAMPLE")
```
Current workarounds
Changing the filename to .xml can be done as a workaround, as well as overriding the autoescape option or other methods for toggling autoescape. I'm proposing this as a feature request as I believe it is logical for SVG to work the same way as XML.
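The following added example (not code from the issue or from Flask) shows why the extension policy matters for SVG. It mirrors the extension list quoted above as a plain function, adds `.svg` as the issue proposes, renders the `{{ title }}` placeholder with and without escaping, and then parses the result as XML, which is what an SVG client does. The template string, the `select_autoescape` and `render` helpers and the placeholder substitution are all constructed for this example; in a real Flask app the equivalent decision is made by `Flask.select_jinja_autoescape(filename)`, which can be overridden in a subclass.

```python
"""Extension-based autoescape selection and its effect on SVG output.

Constructed example: standard library only, no Flask or Jinja imports.
"""
import html
import xml.etree.ElementTree as ET

# Extensions the issue says are autoescaped by default (copied from the issue text).
DEFAULT_AUTOESCAPE_EXTENSIONS = (".html", ".htm", ".xml", ".xhtml")
# Proposed policy: SVG is XML, so it gets the same treatment.
PROPOSED_AUTOESCAPE_EXTENSIONS = DEFAULT_AUTOESCAPE_EXTENSIONS + (".svg",)


def select_autoescape(filename, extensions=DEFAULT_AUTOESCAPE_EXTENSIONS):
    """Return True when a template with this filename should be autoescaped.

    Assumed stand-in for the extension check Flask performs; a template
    rendered from a string (filename None) is not autoescaped.
    """
    if filename is None:
        return False
    return filename.endswith(extensions)


# Constructed stand-in for the main.svg template from the issue; the only
# template syntax handled here is the {{ title }} placeholder.
MAIN_SVG = (
    '<svg xmlns="http://www.w3.org/2000/svg" width="250" height="220">'
    '<text fill="#ffffff" font-size="15px">{{ title }}</text></svg>'
)


def render(filename, template, extensions=DEFAULT_AUTOESCAPE_EXTENSIONS, **context):
    """Substitute {{ name }} placeholders, escaping each value only when the
    extension policy marks the template as autoescaped."""
    autoescape = select_autoescape(filename, extensions)
    out = template
    for name, value in context.items():
        value = str(value)
        if autoescape:
            # html.escape covers &, <, >, " and ', the same characters
            # an XML/HTML autoescape is expected to neutralise.
            value = html.escape(value, quote=True)
        out = out.replace("{{ " + name + " }}", value)
    return out


def is_well_formed_xml(document):
    """An SVG client parses the document as XML; a bare '&' in character
    data makes it unparseable, which is the error the issue describes."""
    try:
        ET.fromstring(document)
        return True
    except ET.ParseError:
        return False


if __name__ == "__main__":
    title = "TEST & EXAMPLE"
    default_out = render("main.svg", MAIN_SVG, title=title)
    proposed_out = render("main.svg", MAIN_SVG, PROPOSED_AUTOESCAPE_EXTENSIONS, title=title)
    print("default policy  -> well-formed:", is_well_formed_xml(default_out))
    print("proposed policy -> well-formed:", is_well_formed_xml(proposed_out))
```

With the default list, `main.svg` is rendered with the ampersand untouched and the output is not well-formed XML; with `.svg` added, the title becomes `TEST &amp; EXAMPLE` and the document parses. The same untouched value is also what a user-controlled title would contribute to an SVG served to browsers, so the policy is a security setting as much as a correctness one.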
