```python
from django import template

register = template.Library()


@register.filter(is_safe=True)
def add_xx(value):
    # Appending "xx" introduces no HTML-significant characters.
    return "%sxx" % value
```

When this filter is used in a template where auto-escaping is enabled, Django will escape the output whenever the input is not already marked as "safe".

By default, `is_safe` is False, and you can omit it from any filters where it isn't required.

Be careful when deciding if your filter really does leave safe strings as safe. For example, removing a `>` from the input might turn `<a>` into `<a`. Similarly, removing a semicolon (`;`) can turn `&amp;` into `&amp`, which is no longer a valid entity and thus needs further escaping. Most cases won't be nearly this tricky, but keep an eye out for any problems like that when reviewing your code.

Marking a filter `is_safe` will coerce the filter's return value to a string. If your filter should return a boolean or other non-string value, marking it `is_safe` will probably have unintended consequences (such as converting a boolean False to the string 'False').

Alternatively, your filter code can manually take care of any necessary escaping. This is necessary when you're introducing new HTML markup into the result. You want to mark the output as safe from further escaping so that your HTML markup isn't escaped further, so you'll need to handle the input yourself.

Be careful, though. You need to do more than just mark the output as safe. You need to ensure it really is safe, and what you do depends on whether auto-escaping is in effect. The idea is to write filters that can operate in templates where auto-escaping is either on or off in order to make things easier for your template authors.

In order for your filter to know the current auto-escaping state, set the `needs_autoescape` flag to True when you register your filter function. (If you don't specify this flag, it defaults to False.) This flag tells Django that your filter function wants to be passed an extra keyword argument, called `autoescape`, that is True if auto-escaping is in effect and False otherwise. It is recommended to set the default of the `autoescape` parameter to True, so that if you call the function from Python code it will have escaping enabled by default.

For example, let's write a filter that emphasizes the first character of a string:

```python
from django import template
from django.utils.html import conditional_escape
from django.utils.safestring import mark_safe

register = template.Library()
```