is it possible to make the |safe template filter conditional on content
17 views
Skip to first unread message
Mike Dewhirst
Oct 3, 2013, 2:55:21 AM10/3/13
to django...@googlegroups.com
I made a custom template filter (ref_href) which converts numbered
references (like [1], [2] etc) into footnote hyperlinks. It works but
requires the |safe filter which is dangerous.
To be actually safe I want to *only* use the |safe filter when the data
contains a numbered reference. Which I cannot do if it is permanently in
the template. In other words, I want to remove the |safe filter from the
template and incorporate it into my custom filter which checks that we
have an integer between the square brackets before doing its work.
Just thinking about it now, I suppose I could put a conditional in the
template ...
{% if "[" in value %}
{{ value | ref_href | safe }}
{% else %}
{{ value }}
{% endif %}
... but that's a lot of typing over dozens of templates. And it isn't
good enough.
Thanks for any secrets
Mike
references (like [1], [2] etc) into footnote hyperlinks. It works but
requires the |safe filter which is dangerous.
To be actually safe I want to *only* use the |safe filter when the data
contains a numbered reference. Which I cannot do if it is permanently in
the template. In other words, I want to remove the |safe filter from the
template and incorporate it into my custom filter which checks that we
have an integer between the square brackets before doing its work.
Just thinking about it now, I suppose I could put a conditional in the
template ...
{% if "[" in value %}
{{ value | ref_href | safe }}
{% else %}
{{ value }}
{% endif %}
... but that's a lot of typing over dozens of templates. And it isn't
good enough.
Thanks for any secrets
Mike
Bill Freeman
Oct 3, 2013, 10:21:10 AM10/3/13
to django-users
You can certainly write a custom filter. And if you do that, you can divvy up your value into footnote links and other, and escape the other parts yourself, returning the result as a safe string.
Mike
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/524D14D9.5090605%40dewhirst.com.au.
For more options, visit https://groups.google.com/groups/opt_out.
Mike Dewhirst
Oct 3, 2013, 7:44:35 PM10/3/13
to django...@googlegroups.com
On 4/10/2013 12:21am, Bill Freeman wrote:
> You can certainly write a custom filter. And if you do that, you can
> divvy up your value into footnote links and other, and escape the other
> parts yourself, returning the result as a safe string.
So you mean I detect any non-footnote html in the custom filter myself
> You can certainly write a custom filter. And if you do that, you can
> divvy up your value into footnote links and other, and escape the other
> parts yourself, returning the result as a safe string.
and convert it to Klingon but add my own html for footnotes and flag all
such fields as safe?
Hadn't thought of that. Might investigate calling the Django safe filter
from within the custom filter ...
Great idea, thanks
Mike
> <mailto:django-users%2Bunsu...@googlegroups.com>.
> To post to this group, send email to django...@googlegroups.com
> <mailto:django...@googlegroups.com>.
> Visit this group at http://groups.google.com/__group/django-users
> <http://groups.google.com/group/django-users>.
> To view this discussion on the web visit
> https://groups.google.com/d/__msgid/django-users/524D14D9.__5090605%40dewhirst.com.au
> <https://groups.google.com/d/msgid/django-users/524D14D9.5090605%40dewhirst.com.au>.
> For more options, visit https://groups.google.com/__groups/opt_out
> <https://groups.google.com/groups/opt_out>.
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to django-users...@googlegroups.com.
>
> --
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> To post to this group, send email to django...@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAB%2BAj0uMUVFmHGY%3DYckq_e03ve1WhKG29ruCUWRU2zaVuFsN2Q%40mail.gmail.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
Mike Dewhirst
Oct 4, 2013, 2:56:45 AM10/4/13
to django...@googlegroups.com
On 4/10/2013 9:44am, Mike Dewhirst wrote:
> On 4/10/2013 12:21am, Bill Freeman wrote:
>> You can certainly write a custom filter. And if you do that, you can
>> divvy up your value into footnote links and other, and escape the other
>> parts yourself, returning the result as a safe string.
>
> So you mean I detect any non-footnote html in the custom filter myself
> and convert it to Klingon but add my own html for footnotes and flag all
> such fields as safe?
>
> Hadn't thought of that. Might investigate calling the Django safe filter
> from within the custom filter ...
>
> Great idea, thanks
And Django is fantastic too :)
> On 4/10/2013 12:21am, Bill Freeman wrote:
>> You can certainly write a custom filter. And if you do that, you can
>> divvy up your value into footnote links and other, and escape the other
>> parts yourself, returning the result as a safe string.
>
> So you mean I detect any non-footnote html in the custom filter myself
> and convert it to Klingon but add my own html for footnotes and flag all
> such fields as safe?
>
> Hadn't thought of that. Might investigate calling the Django safe filter
> from within the custom filter ...
>
> Great idea, thanks
All I need to do is ...
from django.utils.safestring import mark_safe
and return mark_safe(value_with_footnote_href) within my custom filter.
... which means I don't have to use the |safe filter and which makes me
much happier.
Cheers
Mike
Reply all
Reply to author
Forward
0 new messages