I'm facing a problem when I embed HTML code in my python's view.py
Basically, my objective is to customize the color of certain words only (based on the input). I want to do it by modifying the view.py
For example (my view.py):
def home(request):
form = request.POST.get('uncorrected')
texts = str(form) + '<span style="color: red">test text but this section is red</span>'
return render(request, 'corrector/home.html', {'text': texts})
Inside my index.html:
<textarea type="text" id="textarea" name="uncorrected">
{{ text }}
</textarea>
However, when I type "my text" in the textarea it displays only:
my text <span style="color: red">test text but this section is red</span>
It doesn't make the text red, it directly displays the code.
How can I make it work?
Django automatically escapes HTML to prevent XSS attacks. In order to render HTML as HTML, you just pipe in safe.
{{ text|safe }}
Django will still escape the HTML, but it will render it as well
Related
I use https://github.com/maxcutler/python-wordpress-xmlrpc to upload articles to Wordpress. I noticed that text lines inside <div> are automatically wrapped by <p> tags and <br> tags are removed.
Is there a way to keep <br> tags?
post = WordPressPost()
post.title = 'title'
post.content = '<div>This is a test article<br><br>There are some linebreaks<br><br>here<br></div>'
post.post_status = 'publish'
wp.call(NewPost(post))
Creates this post:
<div>This is a test article
<p> </p>
<p>There are some linebreaks</p>
<p>here</p>
</div>
You could whitelist the tags you're interested in. Wordpress has a special function for that:
wp_ksesDocs
In your case, for example, you could whitelist your <br> tags like so:
add_filter('the_content', 'your_theme_whitelist_tags');
function your_theme_whitelist_tags($content)
{
$whitelist_tags = array(
'br' => array()
);
$content = wp_kses($content, $whitelist_tags);
return $content;
}
Which keeps the <br> tags and remove other html tags. If you want to keep your <div> tags as well, then you could also add that tag in your whitelist array.
Code goes into the functions.php file of your active theme.
Let me know if you could get it to work!
I have never asked a question here before, please bear with me. I am working on a wiki project that has a requirement to convert markdown files using markdown2.
return render(request, "encyclopedia/entry.html", {
"content": markdown2.markdown(util.get_entry(title)), "title": title
})
Above is how I pass it to the HTML page and it renders on the page with the proper HTML tags, but it doesn't seem to use them. Below is how it appears on the browser.
<pre><code> # HTML
</code></pre>
<p>HTML is a markup language that can be used to define the structure of a web page. HTML elements include</p>
<ul>
<li>headings</li>
<li>paragraphs</li>
<li>lists</li>
<li>links</li>
<li>and more!
most recent major version of HTML is HTML5.</li>
</ul>
I am passing it directly to a Django template with the safe filter included as shown below.
<textarea name="content" rows="5" cols="50" readonly>
{{ content|safe }}
</textarea><br>
Thank you ahead of time, I hope I provided enough information to make my problem clear.
it looks like your content is going inside a <textarea> form field...that's going to prevent the browser from interpreting the HTML and just show exactly what is passed over.
Change to a <div> or something and it should work.
Currently I am generating a pdf from a html template in django/python.
Here is a relevant snipit from my view
result = StringIO.StringIO()
html = render_to_string(template='some_ref/pdf.html', { dictionary passed to template},)
pdf = pisa.pisaDocument(StringIO.StringIO(html), dest=result)
return HttpResponse(result.getvalue(), content_type='application/pdf')
And my template is an html file that I would like to insert a hyperlink into. Something like
<td style="padding-left: 5px;">
{{ some_other_variable }}
</td>
Actually, the pdf generates fine and the template variables are passed correctly and show in the pdf. What is inside the a tag is highlighted in blue and underlined as if you could click on it, but when I try to click on it, the link is not followed. I have seen pdfs before with clickable links, so I believe it can be done.
Is there a way I can do this to make clickable hyperlinks on my pdf using pisa?
it works with the complete url: http protocol and domain
{{ some_other_variable }}
I'm extremely inexperienced with html and although I know python, I had never used django before this. I'm trying to set up a simple website where the user can view some code on the left side of the screen and enter some text about it on the right side of the screen. The code can be pretty long sometimes so the webpage scrolls, but I want the textbox to always be present even if you scroll up or down. As my code is now, the textbox is on the right side of the screen, but it always stays at the bottom. Here's a screenshot of what it looks like:
(can't seem to get screenshot to show up in the post, here's the link http://imgur.com/3JfgHH3)
Here's the .html file I'm using in my templates directory in django:
<div style="display: inline-block">
{% if error_message %}<p><strong>{{ error_message }}</strong></p>{% endif %}
<pre>{{ source_code }}<pre>
</div>
<div style ="display: inline-block" >
<form method="post" action="/labeling/{{ document_id }}/send/">
{% csrf_token %}
<input type="text" name="textfield">
<input type="submit" value="Finish" name="finish_btn" />
</form>
</div>
Sorry for my complete lack of html knowledge. How would I fix this either in django or in the html file directly so that the textbox and button move up and down with the scrolling, instead of being permanently attached to the bottom right of the screen? If necessary I can post the django code too, I just wasn't sure if this was possible directly in html.
<div style ="display: inline-block;position: fixed;" >
Implement position: fixed; into your styling of the first div. That should already do the trick. Like #furas said is - when it comes to styling - CSS the language you have to learn.
In the CSS file please add the following Code:
div.[class_name_of_div_element] {
position: fixed;
}
How would you stop Deform from escaping HTML in field titles or descriptions when rendering? My current best solution is to search/replace the returned rendered HTML string with what I need.
Deform by default will escape all HTML characters to HTML entities, I want to add an tag in one of the field descriptions.
Copy the default widget template and modify it to allow unescaped entries.
Descriptions are placed by mapping.pt. It cannot be overridden per widget basis - the mapping template is the same for all the items in the form. You can override mapping by passing item_template to your widget container (Form, Form section). Non-tested example:
# No .pt extension for the template!
schema = CSRFSchema(widget=deform.widget.FormWidget(item_template="raw_description_mapping"))
You can use TAL structure expression to unescape HTML.
E.g. example raw_description_mapping.pt for Deform 2:
<tal:def tal:define="title title|field.title;
description description|field.description;
errormsg errormsg|field.errormsg;
item_template item_template|field.widget.item_template"
i18n:domain="deform">
<div class="panel panel-default" title="${description}">
<div class="panel-heading">${title}</div>
<div class="panel-body">
<div tal:condition="errormsg"
class="clearfix alert alert-message error">
<p i18n:translate="">
There was a problem with this section
</p>
<p>${errormsg}</p>
</div>
<div tal:condition="description">
${structure: description}
</div>
${field.start_mapping()}
<div tal:repeat="child field.children"
tal:replace="structure child.render_template(item_template)" >
</div>
${field.end_mapping()}
</div>
</div>
</tal:def>
You also need to modify your Pyramid application to load overridden Deform templates when constructing WSGI application with Pyramid's Configurator:
from pyramid_deform import configure_zpt_renderer
configure_zpt_renderer(["mypackage:templates/deform", "mypackage2.submodule:form/templates/deform"])