Say I use return render_template('index.html', users=users)
. Is it possible to get the filename inside a template without explicit sending of it inside the view?
Jinja, also commonly referred to as "Jinja2" to specify the newest release version, is a Python template engine used to create HTML, XML or other markup formats that are returned to the user via an HTTP response.
B701: Test for not auto escaping in jinja2When autoescaping is enabled, Jinja2 will filter input strings to escape any HTML content submitted via template variables. Without escaping HTML input the application becomes vulnerable to Cross Site Scripting (XSS) attacks. Unfortunately, autoescaping is False by default.
Although undocumented, {{ self._TemplateReference__context.name }}
will give the template name. And there are a number of interresting attributes that you can use after self._TemplateReference__context
.
You could, for example, add this to your topmost base template:
<meta name="template" content="{{ self._TemplateReference__context.name }}">
So that looking at a page source will help you quickly find the relevant template file. If you don't want to expose this kind of information, make it conditional to testing environment.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With