如何正确应用django / jinja2模板过滤器'escape'和'linebreaks'？

Question

I'm currently trying to escape a variable using django templating filters as below. I use a jinja2 template engine instead of just django's primary templateing engine

{{ my_variable|escape|linebreaks }}

the output of a string with newlines is as follows:

Lorem ipsum <br /> dolor sit amet <br />rg srg
gs rgsr rsg serg<br />r srg

Ideally the

<br />

is not supposed to be escaped, as it is added by the "linebreaks" filter. There are no html tags with the original string.

I've tried:

{{ my_variable|linebreaks|escape }}

But, it turns out even worse:

<p>Lorem ipsum <br /> dolor sit amet <br />rg srg</p>
<p>gs rgsr rsg serg<br />r srg</p>

Does anyone knows whether I did something wrong with applying the template filter, and/or able to point me in the right direction?

Thanks.

Answer 1

So you are using django's linebreaks filter in a jinja2 template? In that case, I would assume that the way django marks a string safe may not be compatible with jinja2, therefore escaping the tags added by django (if autoescape is active).

What if you added the safe filter from jinja2 to the end?

{{ my_variable|escape|linebreaks|safe }}

Otherwise, there is an example for a custom filter in jinja2 documentation that seems to be similar to django's linebreaks. http://jinja.pocoo.org/docs/api/#custom-filters

import re
from jinja2 import evalcontextfilter, Markup, escape

_paragraph_re = re.compile(r'(?:\r\n|\r|\n){2,}')

@evalcontextfilter
def nl2br(eval_ctx, value):
    result = u'\n\n'.join(u'<p>%s</p>' % p.replace('\n', '<br>\n')
                      for p in _paragraph_re.split(escape(value)))
    if eval_ctx.autoescape:
        result = Markup(result)
    return result

Answer 2

Silly me, it seems that I can use:

{{ my_variable|forceescape|linebreaks }}

to force the 'escape' filter to apply first. By default 'escape' only apply at end of all other filters despite of position, so force_escape is the other most simple alternative.