The form.as_ul shortcut works completely fine but the html isn't formatted. The only solution I found was to include a middleware which beautifies the complete html but I only want to do that for the form part. Is there a other way than write my own form template?
If you are talking about the formatting of the HTML code itself, consider not worrying about it.
In most cases the formatting of your HTML code is unimportant. It gets consumed by a browser and rendered for users. It is that rendered output that is important.
(Just for fun, load up your local Google search page and have a look at its source. It's definitely not optimized for people to read.)
In case you do want to format your HTML in a particular way you can always render fields manually.
Related
For example, if a file is updated while someone is viewing the page, automatically display this update, instead of requiring a refresh.
I want to make sure before I start JavaSripting to pull in the file on a interval and append it. Unless I'm mistaking, I don't think this can be done, but I'm just checking, just in case.
No. HTML is for structuring a document. Without a refresh, there is no way for HTML to change its contents.
HTML is a markup language related to SGML for creating structure and formatting in a web page. To achieve interaction beyond the initial request and response, you must utilize a programming language, not a document markup language. JS, possibly with some AJAX, is your subject matter. Good luck.
May sound a stupid statement but what surprised me it came from a well educated java professional. He argued:
"JSP is HTML. Take a look at some decent jsp/servlet applications, and you will see that over 90% of your jsp file is html."
According to him since JSP pages contain a lot of HTML, so JSP is HTML. Then he continued
"Decent jsp files are basic html expanded with some additional tags and el functions."
I am awed with these statements. Am I missing something?
IMHO the generalization that "JSP is HTML" goes a bit too far.
I agree that, for the most part, JSP files will have a lot of html in them, but that is just because most http request that users make are for html files (which afterwards make their own requests for images, scripts, etc...).
If everyone started making requests for lisp files then most JSP files would be full of parenthesis, but the JSP technology in itself would remain the same.
And of course, most additional tags and el functions deal with HTML related stuff just because that is what most usefull to most developers.
In theory, whatever content types the browser sets in the accept header of the request, you should be able to respond with a JSP. Have a look at this example: http://code.google.com/p/json-simple/wiki/JSPAndAJAXExamples
Furthermore, one must realize the truth: at runtime, there is no JSP. Then you will see that it is not the JSP that writes HTML into the response, it is only Java.
This is because all JSPs are compiled (or ideally precompiled) into Java servlets that reverse what you have written in the JSP file and write that content into a stream. So in this respect a JSP is much more a piece of Java code than an HTML file...
As for the rest of the conversation going on about what is valid html, css and validation, it's just a big red herring.
My two cents.
Well the file as a whole would not be HTML if it has PHP in, it would be a PHP script with HTML in it. Once PHP process it and returns your response then it becomes HTML. (Obviously this is only the case if your PHP is returning HTML, it could be returning other things).
Im not sure I understand:
not even all html is html a valid statement :)
If he is trying to say that not all HTML is valid HTML then he is correct, there are certain standards, certain tags, certain places you can use certain attributes all available in the HTML spec.
EDIT after reading conversation:
Ok, so I just read the conversation and what I said stands, he was saying all html is not valid html which is true. Just because it has html tags in and some text doesn't mean its valid, you can check if its valid or not by going here.
As for JSP etc not being valid html, that is correct but they do/can produce valid html. a JSP/PHP/ASP page is not HTML but has/can have html in it. When a request is made to the server the file is processed server side and returns in the http response your HTML, this again may or may not be valid HTML.
Furthermore what they tell you about HTML is correct, it is not in itself styling, it is a markup that tells the browser the structure of your document. The browser has its own default styling for those particular elements, which you can override by implementing your own style in CSS.
I was inspecting today's Google Doodle of Moog Synth, dedicated to Robert Moog,
when I came across the following piece of html code:
<w id=moogk0></w>
<s id=moogk1></s>
<w id=moogk2></w>
<s id=moogk3></s>
(You can view the source & do a Ctrl+F for , you will get it in the first search result).
I googled about s & w tags but found nothing useful except that the s tag is sometimes used to strikeout text but is now deprecated.
Obviously google will not be using deprecated tags but I guess there's a lot more behind this than plain html code. Can anybody explain me the use of this tags? & how does the browser recognise them? & if the browser does not recognise them, whats their use?
The browser doesn't recognise them.
But HTML was designed to ignore what it doesn't recognise, so these are simply not understood by the browser and get ignored. As elements without content, they will not get rendered at all either, though they will be part of the DOM.
However, these can be styled directly as elements in CSS and picked up by Javascript (getElementsByTagName and getElementById etc...).
In short, these elements provide a target for CSS and Javascript without any other impact on display.
Unknown elements are treated as block elements (like div) and can be styled accordingly and be used in scripts.
The tags you are talking about are user created XML tags.
If you need to display dynamic data in your HTML document, it will take a lot of work to edit the HTML each time
the data changes.
With XML, data can be stored in separate XML files. This way you can concentrate on using HTML/CSS for display and layout, and be sure that
changes in the underlying data will
not require any changes to the HTML.
With a few lines of JavaScript code,
you can read an external XML file and
update the data content of your web
page.
From time to time, I see web pages whose content is solely written in XML (not HTML or XHTML). These pages usually have some style sheets (either XSLT or CSS) attached to them which makes them look like any other ordinary web page.
My question is, what are the advantages of such an approach (if any), and why would anyone choose to work this way?
EDIT: If this is a good thing, why is it not widespread?
EDIT 2: Thanks everyone for the great responses. They really enlightened me. I also found this question whose content is also related.
It's easier to generate it programmatically and reuse it for other purposes than displaying as webpage.
Update:
EDIT: If this is a good thing, why is it not widespread?
Not everyone needs to generate it programmatically or reuse it for other purposes than displaying as webpage. It's then easier to use plain HTML.
One possible advantage would be for use of the data of the page in something other than a web browser; that would (presumably) be easier to do if a page's content were well-formed XML. Of course in theory a well-formed, semantic XHTML page should be nearly as able to be parsed, as well.
It can also be easier to generate XML instead of XHTML, depending on the data source.
When you are getting XML data in to your system, and you are supposed to present this XML data then it is much easier to write some XSLT for that XML instead of parsing it using some sort of parser and then presenting the data.
That can be a valid point for using XML instead of XHTML or HTML
Update
To answer your question on why this is not widespread, is because XSTL is tedious and hard to work with. Specifically XPath, which can be for some people quite difficult to use.
Those pages use XSLT to get rendered on the client side. Not every browser (especially older ones) supports rendering XML + XSLT. XML can however be used server-side as template and get transformed to HTML by the application running on the server. I personally don't see any advantages to this approach.
There are a lot more web pages that are written solely in XML than you know. You're only seeing the ones that do the XSLT transformation on the client side. Server-side transformation of XML is not at all unusual, because there's a plethora of things that produce data in XML, and transforming XML to HTML in XSLT is straightforward. You'll never know this is happening if you just look at the HTML, which bears no signs of having been generated via XSLT.
Personally, I don't understand it either though one of the biggest problems is support in IE. I created a skeleton ecommerce site serving XML, transformed by XSLT and styled using CSS. I sorely missed the ability to use XLink and other wonderful XML features. It's also nice to be able to tag the data for what it is. I used a 'menu' tag for the restaurant menus. 'price' tags for prices and so on. If a user clicked on a link to change menus, all I had to do was send the name of the item, the price and the description instead of the complete page. iirc, a 4K or more HTML menu page was only 200 bytes of sent data.
As far as the "one error makes everything crash in XML" type comments, the same is true of any programming language so proper coding should be no bother for programmers and careful HTML/CSS types.
Before anyone says that what I did was actually XHTML...no. I served XML. I did call up XHTML namespaces when needed for links, images and HTML type things but only when necessary.
I have some html (in this case created via TinyMCE) that I would like to add to a page. However, for security reason, I don't want to just print everything the user has entered.
Does anyone know of a templatetag (a filter, preferably) that will allow only a safe subset of html to be rendered?
I realize that markdown and others do this. However, they also add additional markup syntax which could be confusing for my users, since they are using a rich text editor that doesn't know about markdown.
There's removetags, but it's a blacklisting approach which fails to remove tags when they don't look exactly like the well-formed tags Django expects, and of course since it doesn't attempt to remove attributes it is totally vulnerable to the 1,000 other ways of script-injection that don't involve the <script> tag. It's a trap, offering the illusion of safety whilst actually providing no real security at all.
HTML-sanitisation approaches based on regex hacking are almost inevitably a total fail. Using a real HTML parser to get an object model for the submitted content, then filtering and re-serialising in a known-good format, is generally the most reliable approach.
If your rich text editor outputs XHTML it's easy, just use minidom or etree to parse the document then walk over it removing all but known-good elements and attributes and finally convert back to safe XML. If, on the other hand, it spits out HTML, or allows the user to input raw HTML, you may need to use something like BeautifulSoup on it. See this question for some discussion.
Filtering HTML is a large and complicated topic, which is why many people prefer the text-with-restrictive-markup languages.
Use HTML Purifier, html5lib, or another library that is built to do HTML sanitization.
You can use removetags to specify list of tags to be remove:
{{ data|removetags:"script" }}