Joy, look into the database to see if it is being saved without escaping. If
that's the case, you need to render it without escaping, marking it as safe
with the safe filter. For example:
This will not be escaped: {{ data|safe }}
or you can use a template block like this:
{% autoescape off %}
Hello
HTML is not really stripped. It's just encoded. If you want to render it on
the frontend you can use
https://docs.djangoproject.com/en/dev/ref/templates/builtins/#std:templatefilter-escape or
safe filter e.g. {{ your_var|safe }}
Cheers,
-mario
www.zenbookings.com
On 7 December 2012 05:10, Jonath
The HTML is saved to the database, but is stripped out when the variable is
rendered to the template to help prevent XSS attacks. You can read more
about it (including how to selectively disable the feature) here:
https://docs.djangoproject.com/en/dev/topics/templates/#automatic-html-escaping
On Th
May I use HTML inside a text area? (I need some links in my text but the
TextField of my object Text gives me back the HTML without formatting it)
Is there any workaround?
Joy