Skip to content

Latest commit

 

History

History
45 lines (33 loc) · 1.2 KB

filter_escape.rst

File metadata and controls

45 lines (33 loc) · 1.2 KB
Raw

django

filter; escape single: mod_base; filter, escape

escape

  • Module: mod_base

HTML escape a text. Escapes all reserved HTML characters in the value. Escaped strings are safe to be displayed in a HTML page. When you echo a query string argument or path variable then you must escape the value before displaying it on a HTML page.

The following characters are replaced:

Character Replacement
> >
< &lt;
" &quot;
' &#039;
& &amp;

The escaping is only applied if the filter is not within an {% autoescape on %} block. If you always want escaping to be applied, use the filter-force_escape filter.

For example:

{{ value|escape }}

When the value is <hel&lo> then the output is &lt;hel&amp;lo&gt;.

Note: this filter is not part of a module, it is built into ErlyDTL.

filter-force_escape