On Wed, 2008-01-02 at 15:38 -0800, grahamu wrote:
> Hi,
> I'm having a problem with Django "HTML escaping" JSON data sent in
> response to an asynchronous form submission when the form has an
> <input type="file" ...> field. Forms that don't have a file field
> yield proper responses, and when Javascript is disabled on the browser
> normal form submissions work as well.
>
> I'm using the Yahoo User Interface library, specifically the Dialog &
> Connection Manager components, to send and receive asynchronous
> messages to/from my view.
>
> As an example, the JSON response seen by the javascript might be:
>
> "<pre>{\"valid\": false, \"errors\": {\"options\": \"<ul class=\
> \"errorlist\\"><li>This field is required.<\/li><\/
> ul>\"}}</pre>"
>
> when it should be:
>
> "{\"valid\": false, \"errors\": {\"options\": \"<ul class=\
> \"errorlist\\"><li>This field is required.<\/li><\/ul>\"}}"
>
> You can see that the Django system encapsulates the entire response in
> <pre></pre> tags. Additionally, the underlying error message HTML is
> also escaped.
>
> Does anyone know why this escaping might be happening? Can you suggest
> how I might avoid the escaping of the response?
Both the "why" and the "how" are documented in docs/templates_python.txt
in the source. The short answer is that any time a variable is rendered
into a template auto-escaping is applied. If you don't want this to
happen, you can mark the particular variable as safe from further
escaping using either mark_safe() in your view (probably the best
approach -- marking it safe as soon as you know that fact) or in the
template with the "safe" filter ({{ some_var|safe }}) or wrap an entire
section of the template within the {% autoescape off %} ... {%
endautoescape %} template tag.
Regards,
Malcolm
--
A conclusion is the place where you got tired of thinking.
http://www.pointy-stick.com/blog/
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
