Passing HTML to template using Flask Jinja2

Question

I m building an admin for Flask and SQLAlchemy  and I want to pass the HTML for the different inputs to my view using render template  The templating framework seems to escape the html automatically  so all  lt     are converted to html entities  How can I disable that so that the HTML renders correctly

User · Answer

You can also declare it HTML safe from the code:

from flask import Markup
value = Markup('<strong>The HTML String</strong>')

Then pass that value to the templates and they don't have to |safe it.

User · Answer

For handling line-breaks specifically  I tried a number of options before finally settling for this     set list1   data split   n         for item in list1       item         if not loop last       lt br  gt       endif       endfor     The nice thing about this approach is that it s compatible with the auto-escaping  leaving everything nice and safe   It can also be combined with filters  like urlize  Of course it s similar to Helge s answer  but doesn t need a macro  relying instead on Jinja s built-in split function  and also doesn t add an unnecesssary  lt br  gt  after the last item

User · Answer

Some people seem to turn autoescape off which carries security risks to manipulate the string display   If you only want to insert some linebreaks into a string and convert the linebreaks into  lt br   gt   then you could take a jinja macro like      macro linebreaks for string  the string   -      if the string       for line in the string split   n       lt br   gt     line       endfor       else       the string       endif      - endmacro      and in your template just call this with     linebreaks for string  my string in a variable

User · Answer

the ideal way is to     something safe      than completely turning off auto escaping

User · Answer

From the jinja docs section HTML Escaping      When automatic escaping is enabled everything is escaped by default   except for values explicitly marked as safe  Those can either be   marked by the application or in the template by using the  safe   filter    Example      lt div class  info  gt       data email content safe     lt  div gt

User · Answer

When you have a lot of variables that don t need escaping  you can use an autoescape block      autoescape off       something       something else     lt b gt    something important    lt  b gt     endautoescape

[python] Passing HTML to template using Flask/Jinja2

Examples related to python

Examples related to jinja2

Examples related to flask