I am using the TinyMCE editor for the admin part of my website. The editor seems like it is installed correctly but after saving a post and displaying it on the main page it shows the raw html instead of rendering it.
More specifically it shows
If it helps I used HTMLField in the model
when you want to display html stored in a model you need to mark it as safe (if it is of course) for it to bypass the XSS protection
see https://docs.djangoproject.com/en/1.10/ref/templates/builtins/#safe
Marks a string as not requiring further HTML escaping prior to output.
When autoescaping is off, this filter has no effect.
example for your template
{{ model.attribute|safe}}
Related
I'm working on my blog web using django. In my models.py I implemented RichtextField instead of the normal CharField or Textfield or others. I already imported it like this from ckeditor.fields import RichTextField after installing 'ckeditor' in 'INSTALLED_APPS in my projects settings.py.
Everything is working just Fine!
But there is problem!
The problem i'm facing is, I don't get to see the result of whatever I type in in my Django admin site using the RichTextField except plain text and some HTML tags in my localhost page.
What I mean is:
Supposing in my text-typing, I have something like this 'This is a bright new day...', and I want to bold 'bright' like this- 'bright'. I get to see it working perfectly in my django admin site. But when I refresh to my localhost page to where the text-typing is displayed, I get to see some weird HTML tag like this <b 'bright' /b> instead of 'bright'. And it did the same thing when I used summernotes.
So, please I will like to know why it's going that direction instead of the direction I want.
Secondly, the possibly solution to help me make move in the direction I want.
This same problem cut across to when I want implement codes, italics, headers, etc. in my whatever text I wish to change to those form.
Happy New Year! I have started out my new year by making a resolution to get Markdown rendering to HTML working for my Django blog. I came across Django Markdownify and it is pretty OK! I managed to get my markdown file rendered, via get_context_data as described below in installation and usage:
views.py
class MarkDown(TemplateView):
template_name = 'index.html'
def get_context_data(self, **kwargs):
markdowntext = open(os.path.join(os.path.dirname(__file__), 'templates/test.md')).read()
context = super(MarkDown, self).get_context_data(**kwargs)
context['markdowntext'] = markdowntext
return context
index.html
{% load markdownify %}
{{ markdowntext|markdownify }}
Although basic rendering works, there are some major drawbacks. Including:
Inability to recognize headers (e.g. ### in ### My Header gets stripped completely)
Poor handling of new lines (whitespace is not respected in any form, but blockquotes work for newlines (>))
These two issues alone are enough to give me pause and seek out an alternative solution for Markdown to HTML in Django. I did open an issue for the header problem and I'll wait to hear back. Until then, if anyone can recommend some Django specific workarounds I'd greatly appreciate it.
Brief summary of google results on topic:
Django Integrated Markdown Editors - allow editing and previewing markdown and possibly other formats. Maybe not so lightweight. Usually provide best html escaping:
django-markdownx
django-mdeditor
martor
Django Fields with Markdown support:
django-markupfield
Other:
use custom js libraries and render raw text manually to markdown with javascript
use python libs manually (markdown, misaka, mistune, ...) and generate markdown html in django, possible syntax higlightng with pygments - more low-level, more configuration, more issues to solve
Interesting option to use third-party api to get rendered markdown html
Is it good to put html code in a Django TextField that will be used in a blog app?
It's all right you use any HTML in django textfield, for example, if you are using TinyMCE, this kind of list can be used very easily
Use this to put html code in text field. ckeditor is great html editor with many plugin also it has django library with many customize functionality
https://github.com/django-ckeditor/django-ckeditor
I have an app that allows users (admins actually) to add html to a model. Then I serve that html on some page to other users (nonadmins). I would like to allow the admins to create arbitrary html on these pages, including adding images. I don't want the admins to have to jump through hoops to get their content into this html field. Suppose a user has some images on their local machine that they want to go into this html field they are creating. I want it to be super brain-dead easy for them to get those images in there.
Right now I just have a model with an html field and I provide a WYSIWYG editor . On a page that users can see, I just load that model.html (filter it as safe) and display. But if the admin user wants to add an image, they still have to figure out hosting and linking in their html document.
Is there a way to use Django flatpages + static to achieve this? Or some kind of app that provides a wordpress-like editor inside Django?
Honestly I would recommend just installing Mezzanine. It does exactly what you want and is the most lightweight, simple and Wordpress like of the Django CMSs. It integrates TinyMCE and Django filebrowser like you want and you can throw away the bits you don't want. This is almost definitely the quickest way to do what you want.
I'm using django to make an online testing system, and I want to render a piece of text from database into the page. The text may have variety numbers of tag. When the page is rendered, it strips out the tag and display like this
< img src="{{STATIC_URL}}img/2003/p1q71.jpg" >
instead of displaying image. Any solution for this?
Read about the built-in safe filter.
Django does not consider data from the database to the "Safe".
It always "escapes" any tag-like content in database data to prevent HTML Script Injection attacks.
You want to mark the content you are pulling out of the DB as safe when you use it in your template.
{{ content_from_db|safe }}
https://docs.djangoproject.com/en/dev/ref/templates/builtins/?from=olddocs#std:templatefilter-safe