带有变形的金字塔无法正确渲染。呈现为纯字符串
Pyramid with Deform not rendering properly. Rendered as pure string
我正在尝试变形金字塔。但是,表单不是呈现为表单而是纯字符串
@view_config(route_name='sign_up', renderer='templates/sign_up.jinja2')
def sign_up(request):
schema = SignUpForm().bind(request=request)
button = deform.form.Button(name='SignUp', title = 'Sign Up')
form = deform.form.Form(schema, buttons=(button, ))
if request.method == 'POST':
try:
appstruct = form.validate(request.POST.items())
# Save the data to database
print('saved')
print(appstruct['username'])
request.session.flash('your have succesfully registered')
return HTTPFound('/')
except deform.exception.ValidationFailure as e:
rendered_form = form.render()
else:
print('rendering the form')
rendered_form = form.render();
return {'rendered_form': rendered_form}
这是我的 HTML 使用 Jinja2 模板。
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
</head>
<body>
{{rendered_form}}
</body>
</html>
所有表单信息在浏览器中显示为纯文字字符串,如 <form method=POST>
等
class SignUpForm(deform.schema.CSRFSchema):
username = colander.SchemaNode(
colander.String(),
title = 'Username')
password = colander.SchemaNode(
colander.String(),
title = 'Password')
Jinja2 配置为 auto-escape 模板中的任何变量,以避免来自变量中不受信任的标记的 XSS 攻击。您可以通过 {{ rendered_form | safe }}
.
为表单关闭 auto-escaping(因为可以相信变形可以自行转义呈现的数据)
我正在尝试变形金字塔。但是,表单不是呈现为表单而是纯字符串
@view_config(route_name='sign_up', renderer='templates/sign_up.jinja2')
def sign_up(request):
schema = SignUpForm().bind(request=request)
button = deform.form.Button(name='SignUp', title = 'Sign Up')
form = deform.form.Form(schema, buttons=(button, ))
if request.method == 'POST':
try:
appstruct = form.validate(request.POST.items())
# Save the data to database
print('saved')
print(appstruct['username'])
request.session.flash('your have succesfully registered')
return HTTPFound('/')
except deform.exception.ValidationFailure as e:
rendered_form = form.render()
else:
print('rendering the form')
rendered_form = form.render();
return {'rendered_form': rendered_form}
这是我的 HTML 使用 Jinja2 模板。
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
</head>
<body>
{{rendered_form}}
</body>
</html>
所有表单信息在浏览器中显示为纯文字字符串,如 <form method=POST>
等
class SignUpForm(deform.schema.CSRFSchema):
username = colander.SchemaNode(
colander.String(),
title = 'Username')
password = colander.SchemaNode(
colander.String(),
title = 'Password')
Jinja2 配置为 auto-escape 模板中的任何变量,以避免来自变量中不受信任的标记的 XSS 攻击。您可以通过 {{ rendered_form | safe }}
.