发表新帖
发表新帖

How to strip html/javascript from text input in django

后端 未结
关注
3 749
半阙折子戏
半阙折子戏 2021-01-31 06:38

What is the easiest way to strip all html/javascript from a string?

相关标签:
3条回答
  • 广开言路
    2021-01-31 07:20

    Django provides an utility function to remove HTML tags:

    from django.utils.html import strip_tags

my_string = '<div>Hello, world</div>'
my_string = strip_tags(my_string)
print(my_string)
# Result will be "Hello, world" without the <div> elements

    This function used to be unsafe on older Django version (before 1.7) but nowadays it is completely safe to use it. Here is an article that reviewed this issue when it was relevant.

    0 讨论(0)
  • 名媛妹妹
    2021-01-31 07:23

    The striptags template filter.

    {{ value|striptags }}
    0 讨论(0)
  • 栀梦
    2021-01-31 07:39

    Django 3

    {{ the_value | striptags | safe | escape }}
    0 讨论(0)
 看不清?
提交回复
热议问题