It's actually pretty simple. Mustache offers the possibility to override the escape
function. This allows you to disable the escaping by simply returning the original value.
mustache.escape = function (value)
{
return value;
};
As mentioned by others, you can also use the following notation to disable escaping.
{{{ test }}}
I leave the answer unchanged, since it might be helpful to implement your own sanitizing.