How to remove html / javascript from text input in django

Question

What is the easiest way to remove all html / javascript from a string?

+58

python django

Eldila May 18 '09 at 10:53 p.m.

source share

3 answers

 {{ value|striptags }}

+34

Ayman Hourieh May 18 '09 at 11:04 p.m.

source share

nice snippet if you want to keep multiple tags and share the rest:

-3

zonky Jul 11 '11 at 11:27

source share

Eldila · Accepted Answer · 2009-05-18 23:15

If you want to cut tags in python, you can use:

from django.utils.html import strip_tags strip_tags(string_value)

EDIT: If you use strip_tags, you should update django. Because security researchers have found a way around the strip_tags. Additional information: http://www.mehmetince.net/django-strip_tags-bypass-vulnerability-exploit/