Django passing HTML objects into template as plain text

Question

This feels like a really silly issue, but I'm confused by the behavior of django-zinnia, a blog creation module.

When I test enter a plain text post, it appends each sentence with html < p > tags the browser doesn't read as html.

Example, if I enter this into the database (no html):

The entry from the db renders on page itself like this as if the < p > markup was plain text:

Within Zinnia, these html tags are being generated as part of the {{ object_content }} object in _entry_detail_base.html

<div class="entry-content">
     {{ object_content }}
</div>

I've looked through the entry.py models within Zinnia and I'm having trouble identifying where these tags are coming from or how they're being passed in in a way the browser doesn't interpret them for what they are (html). Is there a filter I can apply that might solve this? thanks

Answer 1

That's the default behavior for Django templates. Use {{ object_content|safe }} or {% autoescape off %} {{ object_content }} {% endautoescape %} (for multiple variables) to prevent html entities from being escaped.

Note that using the safe filter doesn't automatically mean the output is not escaped if you use another filter after it.

Answer 2

Check the Zinnia's source code: https://github.com/Fantomas42/django-blog-zinnia/blob/master/zinnia/templates/zinnia/_entry_detail_base.html

It's using |safe template tag:

<div class="entry-content">
    {{ object_content|safe }}
</div>