by samdark 4273 days ago
The cost for auto-escaping everything is too high:

1. You're no longer using PHP. BTW, Yii supports Twig that escapes everything by default.

2. Performance-wise it's quite a big hit.

1 comments

1. Yeah, that's a valid excuse, but only if your framework is written in PHP. So Yii has an excuse, but Django does not.

2. You'll have to escape virtually all the strings that go into the template anyway. So the performance hit of escaping is almost the same, assuming you don't re-compile the template every single time (which no sane template system does).
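
An added example, not part of the thread or of any framework named in it: a compile-once template with escape-by-default next to the same page escaped by hand, showing that both perform the same escape calls per render. The `{{ name }}` / `{{ name|raw }}` syntax, the function names and the sample data are assumptions made for this sketch.

```python
import html
import re

# Hypothetical mini template syntax for this example: {{ name }} is escaped,
# {{ name|raw }} is the explicit opt-out for trusted markup.
_TOKEN = re.compile(r"\{\{\s*(\w+)(\|raw)?\s*\}\}")

def compile_template(source):
    """Parse once into (kind, value) parts; rendering never re-parses."""
    parts, pos = [], 0
    for m in _TOKEN.finditer(source):
        if m.start() > pos:
            parts.append(("text", source[pos:m.start()]))
        parts.append(("raw" if m.group(2) else "esc", m.group(1)))
        pos = m.end()
    if pos < len(source):
        parts.append(("text", source[pos:]))
    return parts

def render(parts, context):
    """Escape every variable unless the template marked it raw."""
    out = []
    for kind, value in parts:
        if kind == "text":
            out.append(value)
        elif kind == "raw":
            out.append(str(context[value]))
        else:
            out.append(html.escape(str(context[value]), quote=True))
    return "".join(out)

def render_manual(context):
    """The same page with hand-written escaping: one escape call, as above."""
    return ("<p>Hello " + html.escape(str(context["user"]), quote=True)
            + "</p><div>" + str(context["widget"]) + "</div>")

# Constructed sample input: an untrusted name and trusted server-side markup.
TEMPLATE = compile_template("<p>Hello {{ user }}</p><div>{{ widget|raw }}</div>")
CONTEXT = {"user": "<script>alert(1)</script>", "widget": "<b>ok</b>"}

if __name__ == "__main__":
    print(render(TEMPLATE, CONTEXT))
```

With escape-by-default, forgetting an annotation leaves a value escaped; with manual escaping, forgetting a call leaves it raw.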