HTML Escape

Created on Dec. 7, 2012, 6:02 a.m. by Hevok & updated by Hevok on May 2, 2013, 5:24 p.m.

Database saved text can contain HTML which may interfere with the rendering process. For this by default strings from django auto-escaped (all HTML is ignored and they are rendered raw). If a string needs to be rendered within a template without escaping, it can be marked as safe.

The safe filter enables to mark the content of single variable to be trusted:

This will not be escaped: {{ entry.text|safe }}

For whole code blocks the template block can be used:

{% autoescape off %}
    Render {{ entry.text }}
{% ensautoescape %}

Tags: templates, html, rest, django, escpaing
Categories: Tutorial, reST
Parent: Web Framework

Update entry (Admin) | See changes

Comment on This Data Unit