Change - HTML Escape

Created on Dec. 7, 2012, 6:02 a.m. by Hevok & updated on Dec. 7, 2012, 6:07 a.m. by Hevok

Database saved text can contain HTML which may interfere with the rendering process. For this by default strings from django auto-escaped (all HTML is ignored and they are rendered raw). If a string needs to be rendered within a template without escaping, it can be marked as safe.

The safe filter enables to mark the content of single variable to be trusted:

This will not be escaped: {{ entry.text|safe }}

For whole code blocks the template block can be used:

{% autoescape off %}
    Render {{ entry.text }}
{% ensautoescape %}


Comment on This Data Unit