I have html encoded text which reads like this:
RT #freuter...
I want this displayed as html but I am not sure if there is a filter which i can apply to this text to convert the html-encoded text back to html ...
can someone help?
As Daniel says, use the {{ tweet|safe }} filter in the html, or mark it safe from the views.
Use django.template.mark_safe()
Try the |safe filter if you want to render all HTML.
See: How do I perform HTML decoding/encoding using Python/Django?
I think this answers your querstion.
Related
I'm quite new to using Django, so please be gentle, if this is a stupid question.
I'm trying to play with some stock-information in Python/Django. I'm getting the stock-rates from Yahoo Finance (with urllib). Whenever I get some stock-information, then I will get it like this (yep, it's one long string):
[b'Date,Open,High,Low,Close,Volume,Adj Close\n2014-12-01,26.16,26.22,25.85,26.02,48967100,25.54\n2014-11-28,26.80,26.90,26.44,26.49,31185200,26.00\n2014-11-26,26.89,26.97,26.78,26.87,19289700,26.38\n2014-11-25,27.01,27.03,26.84,26.86,28028000,26.37\n']
I then send it to a template with Django, using
to_be_returned = RequestContext(request, [[DICTIONARY_WITH_VARIABLE]])
and then
return HttpResponse(template.render(to_be_returned)
Is there a way, to get Django to beautify the long string for me? So I don't have to manipulate the string and replace all \n with <br />, in order for me to be able to read it easier? And what does the [b' ... '] mean (that contains the entire result?
Thanks for your assistance.
Use the linebreaksbr template filter:
{{ my_string_with_n|linebreaksbr }}
b'...' is a python3 byte string literal.
You do not attached a template.
Wrap out tag with
<pre></pre>
You can add html tag to the strings that you write in the response
For example :
response2.write('</br></br>List of Courses : ')
I would like to accept a user inputted url and display it in the href attribute part of the link tag. ie.
My link name
But I would like to make sure that it doesn't have any malicious content as far as inject script tags and the like. What is the best approach to sanitizing the user_input part?
From what I can tell:
django.utils.html.escape would escape &'s which is bad.
django.utils.http.urlquote and django.utils.http.urlquote_plus would escape the : part of http:// amoungst other things which seems bad.
Perhaps the best approach is urlquote_plus with some safe characters specified?
You can use the template tag: safe.
Let's say that your post context variable is:
user_input = some_valid_url
Grab user_input, and add the html to make it a link and reinsert it when saving the post. So the saved post is:
link_text = <a href=user_input>Link</a>
And then use safe in your html template:
{{ link_text|safe }}
Here is the documentation link for safe template tags:
https://docs.djangoproject.com/en/dev/ref/templates/builtins/#safe
I was over thinking the problem. It turns out that using django.utils.html.escape is fine as it results in HTML that has link tags with an href attributes which might have & in them instead of & but the browser handles this fine.
I thought I needed to find a way to have & in there as urls don't have & in them.
My final code is:
from django.utils.safestring import mark_safe
from django.utils.html import escape
....
output = '<li>%s</li>' \
% (escape(entry['url']), escape(self.link_display(entry)))
return mark_safe(output)
I have a little problem understanding what an expression like {{ something.render() | safe }} does .
From what I have seen, without the safe keyword it outputs the entire html document, not just the true content.
What I would like to know, is what it actually does, how it functions .
The safe filter explicitly marks a string as "safe", i.e., it should not be automatically-escaped if auto-escaping is enabled.
The documentation on this filter is here.
See the section on manual escaping to see which characters qualify for escaping.
Normally text is HTML-escaped (so <b> would be written out as <b>, which would render as <b>).
When you put |safe after something, you're telling the template engine that you have already escaped the text yourself, i.e. "it's safe to render this directly". So it will not do that encoding for you.
For more information: http://jinja.pocoo.org/docs/templates/#html-escaping
For anyone coming here looking to use the safe filter programmatically: wrap it in a markupsafe.Markup class, on which Jinja2 depends on.
Expanding on #data's answer, here's an example of using markupsafe.Markup:
import markupsafe
vals = {}
vals["name"] = markupsafe.Markup("<b>Duck</b>, Donald")
html = template.render(vals)
The resulting HTML will show Donald's last name in bold wherever the template contains {{name}}.
You can go this way
post.body is the variable that is getting the data from the database or any file.
{{ post.body | safe }}
I hope you will get it.
Think twitter where you paste a link next to some plain text and when your tweet is rendered, that url is now a clickable link.
Do I:
replace jinja's autoescape with my own by scanning the text for html tags and replacing them with the html entity code
use a regular expression to detect a url contained in the text and replace it within an a href=
what would this expression look like to detect any # of .tld's, http/https, www/any subdomain?
and render this all as ¦safe in the template?
Or is there a python/flask/jinja 'feature' that can better handle this kind of thing?
Jinja has a filter built-in called urlize that should do exactly what you want.
I've noticed that my template is rendering my model.CharField and model.TextField without any excess whitespace.
For example, if I enter data such as...
This is a test
to see what happens.
The rendered object field will appear as...
This is a test to see what happens.
Is this an intentional feature of Django or have I missed some filter or parameter somewhere?
I've checked the field itself with some debug code (print object.field) and it does contains the extra whitespace, so the problem is in the rendering side.
How can I allow the user to enter paragraphs of data in TextFields? How can I preserve the whitespace that the user may have entered?
As you can see even in StackOverflow your spaces do not display, this is from the source of your question:
This is a test
to see what happens.
Will save in the database as:
This is a test\n\n\nto see what happens.
You have to problems when rendering as html:
Extra spaces between words are stripped on display by the browser, unless it is between <pre></pre> tags
Linebreaks will be rendered as plain text linebreaks, which do not display in the browser unless between <pre></pre> tags.
For spaces, you can use such a template filter to replace them with their html entity equivalent: .
To convert database linebreaks in HTML linebreaks, use linebreaksbr built-in filters. For example, if {{ foo }} is: test\nbar, then {{ foo|linebreaksbr }} will render: test<br />bar
Create a "templatetags" folder in some of your apps with an __init__.py file in it.
Save the snippet for example in someapp/templatetags/replace_tag.py
Load the template filter in the template as such {% load replace_tag %}
Combine replace and linebreaksbr as such: {{ foo|linebreaksbr|replace:" "," " }}
You can also make your own template filter that will process the text into the HTML you need. In any case, refer to the custom template filter documentation for complete information.