带有变形的金字塔无法正确渲染。呈现为纯字符串

Pyramid with Deform not rendering properly. Rendered as pure string

我正在尝试变形金字塔。但是,表单不是呈现为表单而是纯字符串

@view_config(route_name='sign_up', renderer='templates/sign_up.jinja2')
def sign_up(request):
    schema = SignUpForm().bind(request=request)

    button = deform.form.Button(name='SignUp', title = 'Sign Up')
    form = deform.form.Form(schema, buttons=(button, ))

    if request.method == 'POST':
        try:
            appstruct = form.validate(request.POST.items())

            # Save the data to database
            print('saved')
            print(appstruct['username'])

            request.session.flash('your have succesfully registered')

            return HTTPFound('/')
        except deform.exception.ValidationFailure as e:
            rendered_form = form.render()
    else:
        print('rendering the form')
        rendered_form = form.render();

    return {'rendered_form': rendered_form}

这是我的 HTML 使用 Jinja2 模板。

<!DOCTYPE html>
<html>
    <head>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
    </head>
    <body>
            {{rendered_form}}
    </body>
</html>

所有表单信息在浏览器中显示为纯文字字符串,如 <form method=POST>

class SignUpForm(deform.schema.CSRFSchema):
    username = colander.SchemaNode(
        colander.String(),
        title = 'Username')
    password = colander.SchemaNode(
        colander.String(),
        title = 'Password')

Jinja2 配置为 auto-escape 模板中的任何变量,以避免来自变量中不受信任的标记的 XSS 攻击。您可以通过 {{ rendered_form | safe }}.

为表单关闭 auto-escaping(因为可以相信变形可以自行转义呈现的数据)