使用 Django 没有 HTML 输出到博客 post
No HTML output to blog post with Django
我已经安装了应用程序 TinyMCE,一切正常 运行。但是有一个问题。发布时 HTML 输入的图像以纯文本显示。
<p><img src="https://www.djangoproject.com/s/img/logos/django-logo-negative.png" alt="django" /></p> <p>Lorem ipsum dolor sit amet, inani clita efficiantur sed et, ad honestatis complectitur vim.</p>
index.html:
{% for post in posts %}
<div class="post">
<h2>{{ post.title }}</h2>
<p>Posted on {{ post.timestamp }} by {{ post.author }}</p>
<p>{{ post.bodytext }}</p>
</div>
{% endfor %}
models.py:
from django.db import models
from django.utils import timezone
from django.conf import settings
from tinymce.models import HTMLField
class posts(models.Model):
author = models.CharField(max_length = 30)
title = models.CharField(max_length = 100)
bodytext = HTMLField()
timestamp = models.DateTimeField(default = timezone.now) # sets a default date & time value when creating a new post
class Meta:
verbose_name_plural = "posts" # sets the plural name of posts (default = postss)
def __str__(self):
return self.title
我想我忘记做某事了。那么这里有什么问题?
因为 html 被转义了。例如,如果您让匿名用户 post 文章(例如评论)出现在您的站点上,并让他们自己撰写 html(因此 javascript),则可能会发生不好的事情。
如果只是您在写帖子,请随意使用:
{{ post.bodytext|safe }}
这里有更多信息:
https://docs.djangoproject.com/en/1.8/ref/templates/language/#automatic-html-escaping
我已经安装了应用程序 TinyMCE,一切正常 运行。但是有一个问题。发布时 HTML 输入的图像以纯文本显示。
<p><img src="https://www.djangoproject.com/s/img/logos/django-logo-negative.png" alt="django" /></p> <p>Lorem ipsum dolor sit amet, inani clita efficiantur sed et, ad honestatis complectitur vim.</p>
index.html:
{% for post in posts %}
<div class="post">
<h2>{{ post.title }}</h2>
<p>Posted on {{ post.timestamp }} by {{ post.author }}</p>
<p>{{ post.bodytext }}</p>
</div>
{% endfor %}
models.py:
from django.db import models
from django.utils import timezone
from django.conf import settings
from tinymce.models import HTMLField
class posts(models.Model):
author = models.CharField(max_length = 30)
title = models.CharField(max_length = 100)
bodytext = HTMLField()
timestamp = models.DateTimeField(default = timezone.now) # sets a default date & time value when creating a new post
class Meta:
verbose_name_plural = "posts" # sets the plural name of posts (default = postss)
def __str__(self):
return self.title
我想我忘记做某事了。那么这里有什么问题?
因为 html 被转义了。例如,如果您让匿名用户 post 文章(例如评论)出现在您的站点上,并让他们自己撰写 html(因此 javascript),则可能会发生不好的事情。
如果只是您在写帖子,请随意使用:
{{ post.bodytext|safe }}
这里有更多信息:
https://docs.djangoproject.com/en/1.8/ref/templates/language/#automatic-html-escaping