render html strings in flask templates
By default Jinja2 (the template engine for Flask) assumes input inside of {{ }}
is unsafe and will not allow js or html inside them. You can solve this by using the safe
filter inside your template. This will tell Jinja2 that the content is safe to render as is, and not to escape the html/javascript.
{{ post.body | safe }}
Comments
-
jinglei almost 2 years
I'm building a web page to show articles. In my database, I have to attributes, one of which is used to put Markdown code and the other to save HTML code converted from the Markdown code. I want to get the HTML and add it to my base HTML. I use
Flask
framework andSQLAlchemy
and the data is saved insqlite
database. My model:class Post(db.Model): id = db.Column(db.Integer, primary_key=True) title = db.Column(db.String) body = db.Column(db.String) timestamp = db.Column(db.String) tag = db.Column(db.String) info = db.Column(db.String) body_markdown = db.Column(db.String)
and my view function:
def post(post_id): post = db.session.query(Post).filter(Post.id == post_id).first() return render_template('post.html', post = post,)
Firstly, I tried:
<div class="post-body"> {{post.body}} </div>
It shows the whole string with HTML tag.
post.body.decode("utf-8")
andpost.body.decode("ascii")
didn't work, either. When I debug the program, I found that the database returnsu'string'
. How can I get pure HTML code and apply it in my base HTML file?