4 template Layer-HTML escape

Source: Internet
Author: User

Read Catalogue

    • 1.HTML Escape
    • 2. Characters that will be automatically escaped
    • 3. Turn off escape
    • 4. String literals
Back to top of 1. HTML escape
    • Django automatically HTML-escapes the string, such as the following values in the template:
View Code: DEF index (Request):    return render (Request, ' temtest/index2.html ',                  {                      ' T1 ': ' 

    • Display effects such as:




Back to top 2. Characters that will be automatically escaped
    • HTML escape, which is the output of the included HTML tags, is not interpreted, because when the user submits the string, it may contain some offensive code, such as JS script
    • Django automatically escapes the following characters:
< will be converted to &lt;> will be converted to &gt; ' (single quotes) will be converted to & #39; " (double quotes) will be converted to &quot;& converted to &amp;

    • Use escape filter When displaying untrusted variables, generally omitted because Django automatically escapes
{{T1|escape}}

Back to top 3. Turn off escape
    • Use safe filters for variables
{{Data|safe}}

    • Use Autoescape tags for code blocks
{% autoescape off%} {{Body}} {% Endautoescape%}

    • Label Autoescape accept on or off parameters
    • The auto-escape label is closed in the base template and is also closed in the child template

Back to top 4. String literals
    • Manual escape
{{data|default: ' <b>123</b> '}}

    • should be written as
{{data|default: ' &lt;b&gt;123&lt;/b&gt; '}}

4 template Layer-HTML escape

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.