http://www.chickenwingsw.com/scratches/programming/python/escaping-autoescape-in-django Developing ideas on developing. Fri, 20 May 2011 10:39:44 +0000 hourly 1 http://wordpress.org/?v=3.1.2 http://www.chickenwingsw.com/scratches/programming/python/escaping-autoescape-in-django/comment-page-1#comment-1402 Benjamin Sergeant Thu, 19 Mar 2009 01:04:03 +0000 http://www.chickenwingsoftware.com/scratches/?p=3#comment-1402 I had the same problem when trying to render highlighted code from pygments. Thanks for the tips ! (I used Peter Reeves per view trick with RequestContext). http://www.chickenwingsw.com/scratches/programming/python/escaping-autoescape-in-django/comment-page-1#comment-85 Peter Reeves Mon, 25 Feb 2008 01:13:34 +0000 http://www.chickenwingsoftware.com/scratches/?p=3#comment-85 For a single template you can also disable the autoescape in the contextinstance. I have this at the end of my function: <pre> context_instance=RequestContext(request) context_instance.autoescape=False return render_to_response('my_template.html', {'mydata':mydata,}, context_instance) </pre> This was because ampersands were being escaped in my template as & - My template needed the ampersands intact as it fed a .swf file with the data. context_instance=RequestContext(request) context_instance.autoescape=False return render_to_response('my_template.html', {'mydata':mydata,}, context_instance) This was because ampersands were being escaped in my template as &amp; - My template needed the ampersands intact as it fed a .swf file with the data.]]> http://www.chickenwingsw.com/scratches/programming/python/escaping-autoescape-in-django/comment-page-1#comment-36 dibau naum h Fri, 15 Feb 2008 12:02:15 +0000 http://www.chickenwingsoftware.com/scratches/?p=3#comment-36 Thanks for posting! Works like charm. http://www.chickenwingsw.com/scratches/programming/python/escaping-autoescape-in-django/comment-page-1#comment-5 Eddie Sullivan Tue, 29 Jan 2008 01:37:51 +0000 http://www.chickenwingsoftware.com/scratches/?p=3#comment-5 Thanks for the tip. That would indeed simplify things. I may even post it to this weblog when I do it. http://www.chickenwingsw.com/scratches/programming/python/escaping-autoescape-in-django/comment-page-1#comment-4 Simon Willison Tue, 29 Jan 2008 01:22:26 +0000 http://www.chickenwingsoftware.com/scratches/?p=3#comment-4 If you're outputting a large amount of JSON, have you considered using a custom template tag to do so? You could write one that passes a variable through simplejson and marks it as safe at the same time (using django.utils.safestring.mark_safe() ) http://www.chickenwingsw.com/scratches/programming/python/escaping-autoescape-in-django/comment-page-1#comment-3 Eddie Sullivan Tue, 29 Jan 2008 00:09:26 +0000 http://www.chickenwingsoftware.com/scratches/?p=3#comment-3 I'll look into posting one of the templates (they're for unpublished sites at the moment), but what's happening is a quantity of data is being passed in JSON form to some Javascript code. This of course relies on quotation marks and some other "unsafe" characters. Now, in future templates, and eventually in my legacy templates, I will take the autoescaping behavior into account and leave it on except when I need it off. However, for now I need existing things to work so I can proceed with development. http://www.chickenwingsw.com/scratches/programming/python/escaping-autoescape-in-django/comment-page-1#comment-2 Simon Willison Mon, 28 Jan 2008 23:11:21 +0000 http://www.chickenwingsoftware.com/scratches/?p=3#comment-2 Is there any chance you could post one of your templates to dpaste.com ? I haven't heard many reports of people having templates that were severely affected by auto-escaping - I'd love to see what's causing your problem, as we may be able to offer a better solution. We won't be adding a setting to settings.py though, as it will lead to the exact same problems that plagued PHP's magic quotes - people won't be able to write re-usable Django code because they won't be able to rely on auto-escaping being turned on or off.