I am handling with a Wikipedia-like project. I can convert the text file to html code using the markdown. My problem is, I want to render this html code in a html file. Here is my code,
class articles:
def GET(self):
form_name=web.input()
article_name=form_name.page
article_file_path=os.path.join('articles',article_name)
fp = open(article_file_path,'rU')
text = fp.read()
body = markdown2.markdown(text)
return render.article_files(article_name, body)
I'm passing article_name and body(html code) to article_files.html. The body looks like,
<h1>Hai</h1>
<p>Welcome<em>Ajay</em></p>
The problem is, the body displays as it is. That is the html code is printed in the screen with all tags. I want to render this html code (body) like,
Hai
Welcome Ajay
My HTML file is:
$def with(title,content)
<html>
<head>
<title>$title</title>
</head>
<body>
<form name="form" method="GET">
$content
</form>
</body>
</html>
HTML escaping is on by default in web.py templates. To turn it off, prepend the variable name with a colon:
<form name="form" method="GET">
$:content
</form>
Make sure there is no way for a potentially malicious user to feed arbitrary HTML into your unescaped templates.
You need to specify the mime type of the date you are sending to the browser, otherwise it doesn't know how to display it.
You can do this by adding the following line to your function:
web.header('Content-Type', 'text/html')
Related
I am trying to send a HTML file via through the payload of a HTTP request in Python.
If I pass the following HTML file then there are no problems as long as I remove the \n and \t characters.
<!DOCTYPE html>
<html>
<body>
<h1>My First Heading</h1>
<p>My first paragraph.</p>
</body>
</html>
However, if I include any tags that have double quotes (e.g. <img src="w3schools.jpg" alt="W3Schools.com" width="104" height="142">) then the HTML breaks the JSON format of the payload that I am sending and my request to the server returns a 404.
My payload currently looks something like this:
payload = f'{{"foo":"","bar":[],"html":"{html_file}"}}'.encode('utf-8')
I need my HTML to look like this for it to be processed properly:
<!DOCTYPE html>
<html>
<body>
<h1>My First Heading</h1>
<p>My first paragraph.</p>
<img src=\"w3schools.jpg\" alt=\"W3Schools.com\" width=\"104\" height=\"142\">
</body>
</html>
No need to hand craft your JSON. You could build a python dict and use the json module to do the encoding. Quotes, newlines and any other troublesome characters will get the proper escaping.
import json
html_file = """<!DOCTYPE html>
<html>
<body>
<h1>My First Heading</h1>
<p>My first paragraph.</p>
<img src="w3schools.jpg" alt="W3Schools.com" width="104" height="142">
</body>
</html>"""
payload = json.dumps({"foo":"","bar":[],"html":html_file}).encode("utf-8")
Don't try to do the quoting yourself. Python has a json module for producing valid json, and it does all the right quoting for you. Use that!
I am having a method in the Django view which has a loop. Each sentence from the loop is getting processed and the final output is sent to the html. Meanwhile i would like to show that the particular sentence is getting processed on the same html page.
views.py
def get_String(request):
Parameter = request.POST.get('search_Key')
Data1 = data.objects.all()
for item in Data1:
print(item.Sentence)
Output1 = returnResult1(Parameter ,item.Sentence)
Output2 = returnResult2(Parameter ,item.Sentence)
return HttpResponse(json.dumps({"searched_key":Parameter,"Result1": Output1,"Result2":Output2}),content_type="application/json")
The sentence one by one getting processed and the final output is shown. Meanwhile I need to show that, the current item.Sentence is only getting processed in the below HTML which is actually shown at the time of processing.
Loading.html
<html>
<head>
</head>
<body>
{% csrf_token %}
<div id="progress1"><font size="2">
Loading... the processing sentence is: {{ List }}</font>
</div>
</body>
</html>
Kindly let me know how to send the Sentence directly from views.py to Loading.html page without any request.
What you want to do must be done on the client side of your app.
a simple way to do this is to disable the submit input and add a spinner to it through javascript.
assuming you use jQuery and have fontawesome:
$(document).ready(function(){
$("SUBMIT BUTTON SELECTOR").click(function(){
var spinner = $("<i class='fa fa-spinner fa-spin'></spin>");
$(this).attr("disabled", "disabled").prepend(spinner);
});
});
I'm using the following function to execute a simple HTML view:
import cherrypy
class index(object):
#cherrypy.expose
def example(self):
var = "goodbye"
index = open("index.html").read()
return index
Our index.html file is:
<body>
<h1>Hello, {var}!</h1>
</body>
How can I pass the {var} variable to the view from my controller?
I'm using CherryPy microframework to run the HTTP server and I'm NOT using any template engine.
change your html file and format it.
index.html
<body>
<h1>Hello, {first_header:}!</h1>
<p>{p2:}, {p1:}!</p>
</body>
The code
index = open("index.html").read().format(first_header='goodbye',
p1='World',
p2='Hello')
The Output
<body>
<h1>Hello, goodbye!</h1>
<p>Hello, World!</p>
</body>
Below code is working fine. Change the HTML and Python code accordingly
index.html
<body>
<h1>Hello, {p.first_header}</h1>
</body>
Python code
class Main:
first_header = 'World!'
# Read the HTML file
HTML_File=open('index.html','r')
s = HTML_File.read().format(p=Main())
print(s)
The Output
<body>
<h1>Hello, World!</h1>
</body>
CherryPy does not provide any HTML template but its architecture makes it easy to integrate one. Popular ones are Mako or Jinja2.
Source: http://docs.cherrypy.org/en/latest/advanced.html#html-templating-support
My Code:
file views.py:
def z(request):
htmltext = "hello <br><br> bye!"
return render_to_response('base.html', {'htmltext' : htmltext})
file main.html:
<html>
.
.
.
<div id="content">
{{htmltext}}
</div>
.
.
.
</html>
MY PROBLEM: as response I get this text in my html page (content):
hello <br><br> bye!
but i want:
hello
bye!
A potentially unsafe way to so this is to change your html code to be {{htmltext|safe}} however, depending on how the string is generated in your Python code, could lead to attacks on your website that inject arbitrary code into your HTML page.
The better option would be to put the HTML code <br> in the HTML file, so use something like {{foo}}<br><br>{{bar}}
how to create a html text link that delivers a KNOWN string to a python file, then redirects you to that python file?
i'm thinking somthing like this
lets say the string i want to deliver is 'lolipop'.
where would it fit
<form action="file.py" method="get">
<input ????? />
</form>
With a hidden html input object.
http://www.w3schools.com/jsref/dom_obj_hidden.asp