1
0
mirror of https://github.com/django/django.git synced 2025-10-25 06:36:07 +00:00

Fixed #23734 -- Replaced striptags in template filter overview since it has security implications.

Thanks Aymeric Augustin for the suggestion.
This commit is contained in:
Tim Graham
2014-10-30 18:26:13 -04:00
parent 9e3aaa5a46
commit 08c5887f13

View File

@@ -166,13 +166,13 @@ used template filters:
If ``value`` is ``['a', 'b', 'c', 'd']``, the output will be ``4``. If ``value`` is ``['a', 'b', 'c', 'd']``, the output will be ``4``.
:tfilter:`striptags` :tfilter:`filesizeformat`
Strips all [X]HTML tags. For example:: Formats the value like a "human-readable" file size (i.e. ``'13 KB'``,
``'4.1 MB'``, ``'102 bytes'``, etc). For example::
{{ value|striptags }} {{ value|filesizeformat }}
If ``value`` is ``"<b>Joel</b> <button>is</button> a If ``value`` is 123456789, the output would be ``117.7 MB``.
<span>slug</span>"``, the output will be ``"Joel is a slug"``.
Again, these are just a few examples; see the :ref:`built-in filter reference Again, these are just a few examples; see the :ref:`built-in filter reference
<ref-templates-builtins-filters>` for the complete list. <ref-templates-builtins-filters>` for the complete list.