Jinga2 template is not inserting values into the HTML table
Question:
This is my HTML output which is not desired. When I insert the HTML code shown in the above pic back into the table body(below pic) replacing the {{context}} it is giving me the proper output of the values inserted into the HTML table.
This is the HTML code where Jinja2 template is used. What is the problem in my {{context}} for displaying raw HTML rather than inserting into the table?
Answers:
Jinja2 escapes HTML by default, and since context evidently contains HTML, you’ll need to tell Jinja2 that it shouldn’t escape it.
{{ context|safe }}
However, since this leaves you vulnerable for HTML injection vulnerabilities, it’s better to (as you found out) just do the formatting in Jinja instead:
<tbody>
{% for ... in ... %}
<tr>...
This is my HTML output which is not desired. When I insert the HTML code shown in the above pic back into the table body(below pic) replacing the {{context}} it is giving me the proper output of the values inserted into the HTML table.
This is the HTML code where Jinja2 template is used. What is the problem in my {{context}} for displaying raw HTML rather than inserting into the table?
Jinja2 escapes HTML by default, and since context evidently contains HTML, you’ll need to tell Jinja2 that it shouldn’t escape it.
{{ context|safe }}
However, since this leaves you vulnerable for HTML injection vulnerabilities, it’s better to (as you found out) just do the formatting in Jinja instead:
<tbody>
{% for ... in ... %}
<tr>...