Django template escaping

后端未结

关注

 4  1314

逝去的感伤 2020-12-09 08:05

Django templating system provides a few options (filters) for escaping contents in the html, but they are kind of confusing to me as a beginner. Say I\'m following a tutoria

4条回答

囚心锁ツ (楼主)

2020-12-09 08:36
first of all, you should escape your content because you never know (even if you are the one who enter the data) if you are going to need special character (like <, >, ).

The syntax you use show you are uncomfortable with the use of escaping :

this
```
{% autoescape on %}
    {{ content }}
{% endautoescape %}
```
is exactly the same as this
```
{{ content|escape }}
```
this
```
{{ content }}
```
is exactly the same as this <-- edit : If the autoescape is OFF (thanks to Paulo Scardine)
```
{{ content|safe }} 
```
Safe is use like that :
```
{% autoescape on %}
    {{ content }}  <-- escape
    {{ content|safe }}  <-- not escape
{% endautoescape %}
```
0 讨论(0)

查看其它4个回答
发布评论:

提交评论
- 加载中...