I need to escape just part user input for output. For example
Hey a status update for <a href="/profile/2353">@Friend Name</a>
I just need to escape the link part of text in case someone does something like
<h1>HaCkEDED!!!!</h1>
So I can't escape the entire block. So I tried this
'{%% autoescape off %%} <a href="/profile/%s">%s</a>{%% endautoescape %%}' % (tag, at)
When I send this to output in the browser here is what I get
{% autoescape off %} <a href="/profile/2353">@Friend Name</a>{% endautoescape %}
How can I get the autoescape to work? I can't use a separate variable and put
{{ tag | safe }}
because one post might have multiple tags and the tags will be in different spots. So how can I get Django to let me output one of its templates?
我不确切地知道你要做什么,但在视图中你可以使用django.utils.safestring.mark_safe
将项目标记为不需要自动django.utils.safestring.mark_safe
。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.