The user text input is as follows:
Test 'post'. Post at 8:52 on Feb 3rd. /u/username created it.
This <a href="link">link</a> should not be displayed as a link.
I send the user's input through a custom filter when showing it on the template. This is the custom filter:
word_split_re = re.compile(r'(\s+)')
@register.filter
@stringfilter
def customUrlize(value):
words = word_split_re.split(force_text(value))
for i, b in enumerate(words):
if b.startswith('/u/'):
username = b[3:]
if re.match("^[A-Za-z0-9_-]*$", username):
b = "<a href='testLink'>" + b + "</a>"
words[i] = mark_safe(b)
return ''.join(words)
As you can see, what I want to do is wrap the words which start with '/u/' (And only contains letters, numbers, underscores and dashes) with an
<a>
tag. With the current filter, all the code is escaped and it is displayed as:
Test 'post'. Post at 8:52 on Feb 3rd. <a href='testLink'>/u/username</a> created it.
This <a href="link">link</a> should not be displayed as a link.
What I want is for the text to be displayed normally but for /u/username to be a link.
If I try doing:
return mark_safe(''.join(words))
then it displays even the
<a href="link">link</a>
as a link along with
/u/username
How do I make it so that it only displays
/u/username
as a link?
Edit: I am using Django 1.5.
In my template, assuming
comment
is a
CharField
I display the comment as so:
{{ comment|customUrlize }}
Unless there is some additional formatting in the text that you want to keep, you can just
escape
the text before altering it.So this line:
Becomes this:
The complete filter is:
And should give:
Which renders as: