How to strip html/javascript from text input in django
Question:
What is the easiest way to strip all html/javascript from a string?
Answers:
The striptags template filter.
{{ value|striptags }}
Django provides an utility function to remove HTML tags:
from django.utils.html import strip_tags
my_string = '<div>Hello, world</div>'
my_string = strip_tags(my_string)
print(my_string)
# Result will be "Hello, world" without the <div> elements
This function used to be unsafe on older Django version (before 1.7) but nowadays it is completely safe to use it. Here is an article that reviewed this issue when it was relevant.
Django 3
{{ the_value | striptags | safe | escape }}
What is the easiest way to strip all html/javascript from a string?
The striptags template filter.
{{ value|striptags }}
Django provides an utility function to remove HTML tags:
from django.utils.html import strip_tags
my_string = '<div>Hello, world</div>'
my_string = strip_tags(my_string)
print(my_string)
# Result will be "Hello, world" without the <div> elements
This function used to be unsafe on older Django version (before 1.7) but nowadays it is completely safe to use it. Here is an article that reviewed this issue when it was relevant.
Django 3
{{ the_value | striptags | safe | escape }}