Hi All,
I am trying to make a custom django widget that contains a javascript
call that uses unsafe characters (it passes a string to another
function, so I need single quote characters); namely:
class MyTextInput(forms.TextInput):
def __init__(self, *args, **kwargs):
attrs = kwargs.setdefault('attrs', {})
attrs['onBlur'] = mark_safe("update_by_id('id_to_update', 'this
is
new text')")
super(DojoTextInput, self).__init__(*args, **kwargs)
print 'onBlur', '-->', attrs['onBlur'], ':',
type(attrs['onBlur'])
As you can see, I have used mark_safe from django.utils.safestring to
indicate that the result is interpreted as safe: (the print line in
the above function produces:
onBlur --> update_by_id('id_to_update', 'this is new text') : <class
'django.utils.safestring.SafeString'>
However, at the top of the chain (the browser), loading the page
yields the following tag:
<tr><th><label for="id_address">Field</label></th><td><input
onBlur="update_by_id('id_to_update', 'this is new
text')" name="field" maxlength="100" type="text" id="id_field" /></
td></tr>
Clearly not escaped. (I have tired using both the |safe filter when
printing the form in the template, and enclosing the form call in {%
autoescape off %} and {% endautoescape %} blocks, but to no avail).
Does anyone know how I might get this string 'safely' out of my widget
and into my template?
Thanks,
Alex.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
