When DEBUG=True a variable containing HTML is just printed in the template and not interpeted as HTML. This is the correct behavior.
On the other hand, when DEBUG=False (just changing this) the variable's content is interpreted as HTML and I cannot understand why. I'm not using the safe filter.
My template is as follows:
<pre id="copy-source-{{ forloop.counter }}">
<code>{{ code }}</code>
</pre>
In one case, code happens to be HTML code, specifically:
<img src="bblabla" />
and the page displays the image instead of the code, even if it's inside a pre-code!?
Try this
{% autoescape off %}
{{var_containing_html}}
{% endautoescape %}
I hope this will help.
Good luck.
P.S. Also see docs
Related
I have this Liquid template which looks like this:
# /_includes/slideshow.html
{% for image in {{ include.images }} %}
...
{% endfor %}
which I'm trying to use with a YAML file (for my Jekyll site) like this:
# /index.md
{% include slideshow.html images='site.data.homepage_images' %}
The reason I see this failing is because my include variable {{ include.images }} resolves to a string within the for loop. Is there a different way to accomplish this? I'm still rather new to Liquid, YAML, Jekyll, and well, web development altogether, so any help in doing this is much appreciated!
(Note: the problem goes away if I replace {{ include.images }} with site.data.homepage_images.)
Additionally, the reason why I'm doing this (and why that crude fix isn't the solution I'm looking for) is for the ability to inject my image slideshow elsewhere around my site. It'd save a lot of code to abuse my include variable in this way.
Correct syntax in for loop is : {% for image in include.images %}
I have recently seen one HTML page.The code is embed with curly braces.Values for tags and loops are closed by curly braces.
{% if authenticated %}
<h1>Current User</h1>
<p>{{user}}</p>
{% else %}
<h1>Current User</h1>
<p>None</p>
{% endif %}
What is the actaul use of these type of code?
Is HTML embedded with any other language?
This may be Django script templates. Find more here.
This looks like the HTML is enriched with underscore.js or a similar templating engine.
It's used for displaying JavaScript data in your HTML without the need to know how JavaScript works.
I'm trying to display some HTML markup in a blog, and would like to know if there is a way to wrap a section of my Django template directly, without putting it into a context variable.
For example, I would like to output a bunch of code, some of it JavaScript, and some of it HTML, and some of it CSS. If I enter in the code directly into my Django template, and wrap it in some pre tags:
<pre>
/* Here is the markup I want to display: */
... lots of HTML
</pre>
the HTML tags are rendered.
Of course, to display:
<
I should use
<
and to display
>
I should use
>
I tried adding the Django tag {% autoescape on %} around the code section, but it had no effect because I'm not rendering a context variable.
I would like to know if there is an easier way than replacing every occurrence of < with < and every occurrence of > with >
I also know that if I put the code that I want to display into a context variable, then in my template, just displaying that context variable would automatically escape the code.
But I would rather just be able to directly cut and paste the code I want to display into my template. Is there a way to do this and display the HTML tags (i.e.
<h1> Heading Level 1 </h1>
without writing it in my template as:
<h1> Heading Level 1 </h1>
You have to use xmp tags.
<xmp>
<h1>Testing Html</h1>
</xmp>
This question is old, but it pops on search engines and no answer is correct imo.
SÅ‚awek Kabik's is deprecated, Smit Patel's is overly complicated (it bloats views).
In order to do what OP asked for, you have to use the force_escape built-in filter in a {% filter %} tag.
Example:
<pre>
<code>
{% filter force_escape %}
<span class="hello">Anything HTML really</span>
{% endfilter %}
</code>
</pre>
Output:
<pre>
<code>
<span class="hello">Anything HTML really</span>
</code>
</pre>
NOTE: Before you try to implement manually, please have a look at ckeditor.
ckeditor documentation
if this is not what you are looking for, then only proceed with answer.
Just Wrap your variable inside following Django template tag.
{% autoescape off %}
{{your_variable_here}}
{% endautoescape %}
put HTML code in "your_variable_here" variable And Django Will Display It as HTML. All HTML Tags will Work.
EDIT:
Sorry, I missed important part to mention.
in views do this
from django.template.loader import render_to_string
rendered = render_to_string('my_template.html', {'foo': 'bar'})
and pass this rendered string to template variable and render the given template inside other template by putting lines
{% autoescape off %}
{{rendered}}
{% endautoescape %}
Blank lines within and especially at the top of an HTML source file look untidy to me.
A common template code (in this case, Jinja2) may look like this:
{% block header %}
{% include "templates/partials/something_header.html" %}
{% endblock header %}
{% block body %}
{% include "templates/partials/something_body.html" %}
{% endblock body %}
{% block footer %}
{% include "templates/partials/something_footer.html" %}
{% endblock footer %}
Now, without even adding indentation issues to make the above more presentable, it already has the adverse effect of generating 2 empty lines due to the 2 carriage returns within the templating code:
.
.
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv=....
Whilst I can utilize a minifier/post-processor in this particular case, I'm wondering what others do to keep their template code easy on the eyes whilst preventing unnecessary blank lines?
EDIT: To eliminate the blank lines at the head of the generated source code, the above example of template code would appear as below (much less readable):
{% block header %}{% include "templates/partials/grid_header.html" %}{% endblock header %}
{% block body %}
...
My original question was a bit of an "I know this can be done, but is there another way?".
Thanks to the feedback from David and Lajos, confirming that post-processing of the generated HTML from the template engine is the most common way to alleviate unwanted blank lines and spacing.
Lajos also suggested a concept of maintaining both a "clean" and "correct" version of each template itself, whereby the developer may work unperturbed with clean template code and upon any modification, another version of the file will be ghost-written, but reformatted so that generating HTML from it would in fact produce clean HTML without any unwanted artifacts due to templating.
Whilst I tend towards the common post-processing method and chain any such cleaning up of HTML along with combining and minifying CSS/JS, etc, there would be scenarios that Lajos's implementation definitely would be beneficial (ie, if you don't/should't have control outside of the templating stage).
This feels like a really silly issue, but I'm confused by the behavior of django-zinnia, a blog creation module.
When I test enter a plain text post, it appends each sentence with html < p > tags the browser doesn't read as html.
Example, if I enter this into the database (no html):
The entry from the db renders on page itself like this as if the < p > markup was plain text:
Within Zinnia, these html tags are being generated as part of the {{ object_content }} object in _entry_detail_base.html
<div class="entry-content">
{{ object_content }}
</div>
I've looked through the entry.py models within Zinnia and I'm having trouble identifying where these tags are coming from or how they're being passed in in a way the browser doesn't interpret them for what they are (html). Is there a filter I can apply that might solve this? thanks
That's the default behavior for Django templates. Use {{ object_content|safe }} or {% autoescape off %} {{ object_content }} {% endautoescape %} (for multiple variables) to prevent html entities from being escaped.
Note that using the safe filter doesn't automatically mean the output is not escaped if you use another filter after it.
Check the Zinnia's source code: https://github.com/Fantomas42/django-blog-zinnia/blob/master/zinnia/templates/zinnia/_entry_detail_base.html
It's using |safe template tag:
<div class="entry-content">
{{ object_content|safe }}
</div>