在Django中显示纯HTML而不是Captcha小部件?

时间:2013-03-28 07:10:01

标签: django recaptcha

我正在使用谷歌的recaptcha-client。我注册并获取localhost的私钥和公钥。 我正在向模板发送重新验证码,如下所示:

from django.conf import settings
from summary.captcha import displayhtml

 public_key = settings.RECAPTCHA_PUBLIC_KEY
 script = displayhtml(public_key=public_key)
return render_to_response('index.html', {'state':state, 'script':script}, context_instance=RequestContext(request))

显示此html而不是widget:

<script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=6Lf5Cd8SAAAAAD9TUGVAkEOHfHJWnZc9mK2lO5-W"></script> <noscript> <iframe src="http://www.google.com/recaptcha/api/noscript?k=6Lf5Cd8SAAAAAD9TUGVAkEOHfHJWnZc9mK2lO5-W" height="300" width="500" frameborder="0"></iframe><br /> <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea> <input type='hidden' name='recaptcha_response_field' value='manual_challenge' /> </noscript>

怎么了?

1 个答案:

答案 0 :(得分:0)

您必须将script变量标记为安全。

在模板中执行:

{{ script|safe }}