Django custom template tags (front end and back end not separated)

Some content displayed on a front-end page does not need to be processed in the back-end code. You can use a custom template tag or filter directly in the template to process the data at the point where it is displayed.

For example: I want to do some processing on the length of the article description shown on the front page, so that if it is too long it is not displayed in full. There is no need to check every record one by one in the views; the processing can be applied only where the article description is displayed on the front page.

1. First create a Python package named templatetags (the name is fixed) in the app (sub-project) directory, and then create a .py file in it, such as my_tag.py

my_tag.py

    from django import template

    # The name "register" is fixed
    register = template.Library()


    # A filter can take at most two arguments
    @register.filter
    def test(s, length=5):
        if len(s) > length:
            s = s[:2] + '...'
        return s


    # A simple tag can take many arguments
    @register.simple_tag
    def test2(s, length, extra):
        if len(s) > length:
            s = s[:2] + extra + '...'
        return s

2. How to use it in the front-end page

    {% load my_tag %}
    {# load the custom tag file into the template #}

    <p>{{ article.desc|test:5 }}</p>
    {# First usage: {{ first argument|filter name:second argument }} #}

    <p>{% test2 article.desc 5 '111' %}</p>
    {# Second usage: {% tag name argument1 argument2 argument3 %} #}

3. Django also comes with built-in filters. You do not need to register them yourself; you can use them directly

    {{ s.0 }}                    {# take the element at index 0 of the list #}
    {{ s|length }}               {# take the length #}
    {{ s|slice:"0:2" }}          {# slice #}
    {{ s|join:"-" }}             {# join the elements #}
    {{ s|default:"admin" }}      {# if it is empty, return a default value #}
    {{ s|date:"Ymd H:i:s" }}     {# time format #}
    {{ s|truncatechars:20 }}     {# truncate to 20 characters #}
    {{ s|add:2 }}                {# add to a number, e.g. increase an age by 2 #}
    {{ s|add:"Mr." }}            {# append to a string, e.g. add Mr. after a name #}
    {{ s|upper }}                {# convert to uppercase #}
    {{ s|lower }}                {# convert to lowercase #}
    {{ s|safe }}                 {# treat the string as safe; written like this, it will cause XSS injection #}

4. About XSS injection

If the front end has a user input box and a user enters some CSS or JS code, for example, the layout of the front-end page can be changed, and there may even be security risks.

By default the output is now guarded (Django templates escape variable content automatically), so there will be no problems. If the safe filter is used, it declares that the data is safe, and the browser will then render the tags and other content entered by the user.

For example, the data returned in views is a tag like this:

    from django.shortcuts import render

    def test(request):
        s = '<h1 style="color: red; font-size: 10px" >11111111</h1>'
        return render(request, 'test.html', locals())

The front-end page uses safe:

    {{ s|safe }}

The browser then renders the h1 with its style applied.

Origin www.cnblogs.com/beautyl/p/12720912.html