如何在自定义Django标签上使用安全过滤器?

huangapple go评论69阅读模式
英文:

How to use safe filter on custom Django tag?

问题

我正在尝试实现一个自定义的Django标签该标签将在Javascript中制定一个导入语句以使用axios的get请求加载我的vue3应用以及其组件模板HTML文件

我的templatetags目录中的自定义标签如下

`templatetags/vuecomponents.py`

from django import template
from django.templatetags.static import static

register = template.Library()


@register.simple_tag
def v_load_app_component(app_name, script_name, components):

    components = components.strip("[]").split(", ")

    app_script = static(f"js/{script_name}.js")
    comps = [static(f"components/{name}.html") for name in components]

    return f"import {{{ app_name }}} from \"{app_script}?{components[0]}={comps[0]}\""
英文:

I'm trying to implement a custom Django tag that will formulate an import statement in Javascript to load my vue3 app as well as its components template html files using a get request in axios.

The custom tag in my templatetags directory looks like this:

templatetags/vuecomponents.py

from django import template
from django.templatetags.static import static

register = template.Library()


@register.simple_tag
def v_load_app_component(app_name, script_name, components):

    components = components.strip("[]").split(", ")

    app_script = static(f"js/{script_name}.js")
    comps = [static(f"components/{name}.html") for name in components]

    return f"import {{{ app_name }}} from \"{app_script}?{components[0]}={comps[0]}\""

Right now it only loads the first component as I just want a prototype. The only issue is when I drop this into a template like so:

createpost.html

<script type="module">

        {% v_load_app_component "creator" "internalpostform" "[internalpostform]" %}
        // OUTPUTS:
        // import { creator } from "static/js/internalpostform.js?internalpostform=internalpostform.html"

        creator.mount("#app")

</script>

It outputs the relevant import statement as:
import { creator } from "static/js/internalpostform.js?internalpostform=internalpostform.html"

With the double quotes escaped. Even when I tried to apply the safe filter ({% v_load_app_component "creator" "internalpostform" "[internalpostform]"|safe %}) it still escaped the output of my custom tag function.

How can I make it to where the output of my custom tag doesn't automatically have symbols converted to html entities?

答案1

得分: 0

我在 Django 的文档中找到了相关信息。safe 过滤器仅用于变量,即 {{ variable|safe }},不适用于标签 {% tag "argument"|safe %}

要防止 Django 转义标签的输出,只需使用 {% autoescape off %}

{% autoescape off %}
    {% v_load_app_component "creator" "internalpostform" "[internalpostform]" %}
{% endautoescape %}

这将实现所需的行为。

英文:

I found it after a little digging in Django's documentation. The safe filter is only for variables i.e. {{ variable|safe }} but does not apply to a tag {% tag "argument"|safe %}.

To prevent Django from escaping the output of a tag you simply use {% autoescape off %}

{% autoescape off %}
    {% v_load_app_component "creator" "internalpostform" "[internalpostform]" %}
{% endautoescape %}

This results in the desired behavior.

huangapple
  • 本文由 发表于 2023年2月18日 10:44:58
  • 转载请务必保留本文链接:https://go.coder-hub.com/75490862.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定