autoescape-django模板中HTML转义

摘一段文档:

Controls the current auto-escaping behavior. This tag takes either on or off as an argument and that determines whether auto-escaping is in effect inside the block. The block is closed with an endautoescape ending tag.
When auto-escaping is in effect, all variable content has HTML escaping applied to it before placing the result into the output (but after any filters have been applied). This is equivalent to manually applying the escape filter to each variable.
The only exceptions are variables that are already marked as “safe” from escaping, either by the code that populated the variable, or because it has had the safe or escape filters applied.

使用 on 或 off标签来控制 块中 自动转义的行为
当auto-escaping作用时,所有包含HTML代码的都会转义在替换 内容 时,此时在输出前在所有filters(过滤)后,相当于手动添加escape过滤器
唯一的异常发生在变量被置为“safe”时,在代码中的变量被写入或是使用了“safe”或“escape”过滤器时
Sample usage:

{% autoescape on %}
    {{ body }}
{% endautoescape %}

你可能感兴趣的:(autoescape-django模板中HTML转义)