Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

mark_safe not working/still escaping in simple_tag

Tags:

django

django-templates

I'm using Django 1.3 and I have a simple_tag that I need to return some un-escaped HTML and no matter what I do it's still escaping my & to & and my | to %7C.

from django import template
from django.template import loader, Context
from django.utils.safestring import mark_safe

register = template.Library()

@register.simple_tag()
def show_stuff(arg1=None, arg2=None, arg3='someconstant'):

    # Do some stuff

    if someconstant == 'somevalue':
        template_name = 'template1.html'
    else:
        template_name = 'template2.html'

    template = loader.get_template(template_name)
    html = template.render(Context( {'myvar': myvar,} ))
    html = mark_safe(html)
    print type(html)
    return html

The print statement reveals

<class 'django.utils.safestring.SafeUnicode'>

which from my understanding isn't supposed to be escaped. I'm calling the tag in my template like so:

{% show_stuff 'arg1' 'arg2' 'arg3' %}

Help would be greatly appreciated.

Update: Tried the following from comments below. Didn't return an error, but still escapes the HTML:

    ...
    template = loader.get_template(template_name)
    html = template.render(Context( {'myvar': myvar,} ))
    html = mark_safe(html)
    print type(html)
    return html
show_stuff().is_safe=True

Also tried wrapping the contents of template1.html and template2.html in 

{% autoescape off %}
template html contents with & and |
{% endautoescape %}

and wrapping the templatetag call itself with autoescape tags. No success.

like image 458
scoopseven Avatar asked Jul 26 '12 18:07

scoopseven

Video Answer

2 Answers

Old thread but I ran into the same issue recently. I got it working python 3.6. Assign the value from simple tag to a variable txt and output the txt using template tags "{{" and add safe filter to txt.

{% get_contentvalue user "htmlabout" as txt %}
{{txt|safe}}
like image 134
manit Avatar answered Oct 19 '22 12:10

manit

In discussion with the author of the question we found that the characters were not actually escaped. Scoopseven (the author) viewed the source html with the option "Show Selection Source" of a context menu in Firefox. In this case escaped characters are shown.

like image 37
sergzach Avatar answered Oct 19 '22 11:10

sergzach
Sign in to Comment

Related questions

Django 1.2.4 CSRF verification failed
Canonical links and 301 Redirect if URL doesn't match slug
Storing a python set in a database with django
Fetching inherited model objects in django
Django Forms - set field values in view
Python lxml wrapping elements
django release management (staging, testing and production) [closed]
How do you save the order of a django inline formset?
How to render a python dict as an html table with vertical columns
Uploading Image Using JQuery And Django
How to ask the Django manytomany manager to match several relations at once?
Django custom form field initial data
global formfield_overriding in django
How do I print the queries executed by django .save() method?
Django TestCase not using transactions on secondary database
How do I authenticate a user in a Node app with Django authentication?
Django: Best Badge app for Django project
Using both SQLAlchemy and Django ORM on the same database
Multiple Django sites with shared codebase and DB
Django admin page not found

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!