Jinja 2 safe keyword

--------------------------------------------------
Rise to the top 3% as a developer or hire one of them at Toptal: https://topt.al/25cXVn
--------------------------------------------------

Music by Eric Matyas
https://www.soundimage.org
Track title: Ocean Floor

--

Chapters
00:00 Jinja 2 Safe Keyword
00:25 Accepted Answer Score 45
00:48 Answer 2 Score 38
01:18 Answer 3 Score 10
01:36 Answer 4 Score 5
01:59 Answer 5 Score 1
02:17 Thank you

--

Full question
https://stackoverflow.com/questions/1234...

--

Content licensed under CC BY-SA
https://meta.stackexchange.com/help/lice...

--

Tags
#python #templateengine #jinja2

#avk47

ACCEPTED ANSWER

Score 46

The safe filter explicitly marks a string as "safe", i.e., it should not be automatically-escaped if auto-escaping is enabled.

The documentation on this filter is here.

See the section on manual escaping to see which characters qualify for escaping.

ANSWER 2

Score 40

Normally text is HTML-escaped (so <b> would be written out as <b>, which would render as <b>).

When you put |safe after something, you're telling the template engine that you have already escaped the text yourself, i.e. "it's safe to render this directly". So it will not do that encoding for you.

For more information: http://jinja.pocoo.org/docs/templates/#html-escaping

ANSWER 3

Score 11

For anyone coming here looking to use the safe filter programmatically: wrap it in a markupsafe.Markup class, on which Jinja2 depends on.

ANSWER 4

Score 6

Expanding on @data's answer, here's an example of using markupsafe.Markup:

import markupsafe
vals = {}
vals["name"] = markupsafe.Markup("<b>Duck</b>, Donald")
html = template.render(vals)

The resulting HTML will show Donald's last name in bold wherever the template contains {{name}}.