Re: render_to_response a HTML msg

2011-03-10 Thread Bill Freeman
On Thu, Mar 10, 2011 at 12:14 PM, Tom Evans wrote:
> 2011/3/10 Thiago Carvalho D' Ávila:
>> Oh, thanks a lot. That worked, but now I have one more doubt...
>>
>> What are the security issues related to the use of safe variable? When can I
>> consider it safe? Is it possible to make some kind of i

Re: render_to_response a HTML msg

2011-03-10 Thread Tom Evans
2011/3/10 Thiago Carvalho D' Ávila:
> Oh, thanks a lot. That worked, but now I have one more doubt...
>
> What are the security issues related to the use of safe variable? When can I
> consider it safe? Is it possible to make some kind of injection using it
> this way? Is autoescape a better optio

Re: render_to_response a HTML msg

2011-03-10 Thread Thiago Carvalho D' Ávila
Oh, thanks a lot. That worked, but now I have one more doubt...

What are the security issues related to the use of safe variable? When can I consider it safe? Is it possible to make some kind of injection using it this way? Is autoescape a better option?

2011/3/10 Bill Freeman
> Use:
>
> {% if

Re: render_to_response a HTML msg

2011-03-10 Thread Bill Freeman
Use:

{% if html_message %}{{ html_message|safe }}{% endif %}

Presuming that you believe that the variable's content is, indeed, safe.

Bill

2011/3/10 Thiago Carvalho D' Ávila:
> I'm having some problem while trying to render some HTML code as a template
> variable.
>
> What I am doing is:
>
>

Re: render_to_response a HTML msg

2011-03-10 Thread Gennadiy Zlobin
try

{% if html_message %}{{ html_message|safe }}{% endif %}

but I would do:

{% if html_message %} We recommend that you click here {% endif %}

- Gennadiy

2011/3/10 Thiago Carvalho D' Ávila
> I'm having some problem while trying to render some HTML code as a template
> vari

Re: render_to_response a HTML msg

2011-03-10 Thread Tom Evans
2011/3/10 Thiago Carvalho D' Ávila:
> I'm having some problem while trying to render some HTML code as a template
> variable.
>
> What I am doing is:
>
> view.py
> def view(request, id):
>    thing = get_object_or_404(Object, pk=id)
>    if blablabla:
>       return render_to_response('template.ht