This article introduces the Python autoescape tag usage analysis, the text of the sample code through the introduction of the very detailed, for everyone's learning or work has a certain reference learning value, the need for friends can refer to the following
Tags: remove blank characters in html tags. Including spaces, tab key, line breaks, sample code is as follows:
{% spaceless %} specifics {% endspaceless %}
Tags: DTL templates have been turned on by default in the automatic escape, will be those special strings for the escape, such as will be "<" escape into < will be ">" transfer into ">", using DTL's automatic escape can make the site less prone to XSS vulnerabilities. ", using DTL's auto escaping can make the website less prone to XSS vulnerabilities.
If the variable is trusted, you can use the "autoescape" tag to turn off auto-escaping, as shown in the following example code:
The code in is as follows:
from import render
def index(request):
# Define a context
context = {
"info":"<a href=''>Baidu</a>"
}
return render(request,'',context=context)
The code in is as follows:
<body>
<!--It's off at this point.DTLAuto escaping in templates-->
{% autoescape off %}
{{ info }}
{% endautoescape %}
</body>
The results of the run are as follows:
See the results of running without turning off the DTL auto-escaping feature as follows:
If you want to see what the special characters have been escaped for, you can do so by looking at the source code of the page.
This is the entire content of this article.