I started a project with the Python web framwork 'Pyramid', using the template engine 'chameleon'.
I'm a beginner of this frameworks, but I have to use it for a customer.
I follow the steps in order to install the framework, then I started coding, just for training purpose!
My first application was a stupid, simple CRUD application.
What I'm doing is:
in my __init__.py I have, for each view, the following code:
config.add_view('myenglishdictionary.views.modify',route_name='modify_route',renderer='templates/base.pt')
base.pt is the main template with header and footer and a div with the following code:
<div>${body}</div>
in my file view.py each view has 2 lines like the following:
body = render('templates/list.pt',{'list':list ,'project':'myProject'}, request=request)
return {'body':body}
and in my list.pt there is the content which will be embedded in base.pt
All seemed to work good. But after an update of the libraries, now I can't see my template correctly.
Instead the actual html code there are html entities:
<div class="clear"></div>
so, obviously the page doesn't look well.
The problems seems to be in the render method, since the html of base.pt template is displayed correctly.
Using the
${}syntax escapes the included text by default (to help defend against XSS injection attacks).Instead, use the
structure:prefix to tell the rendering engine to not escape your text: