变形金字塔无法正确渲染。呈现为纯字符串

时间:2017-02-13 17:10:21

标签: python pyramid html-form colander deform

我正在尝试变形金字塔。但是,表单不会呈现为表单而是呈现纯字符串

@view_config(route_name='sign_up', renderer='templates/sign_up.jinja2')
def sign_up(request):
    schema = SignUpForm().bind(request=request)

    button = deform.form.Button(name='SignUp', title = 'Sign Up')
    form = deform.form.Form(schema, buttons=(button, ))

    if request.method == 'POST':
        try:
            appstruct = form.validate(request.POST.items())

            # Save the data to database
            print('saved')
            print(appstruct['username'])

            request.session.flash('your have succesfully registered')

            return HTTPFound('/')
        except deform.exception.ValidationFailure as e:
            rendered_form = form.render()
    else:
        print('rendering the form')
        rendered_form = form.render();

    return {'rendered_form': rendered_form}

这是我使用Jinja2模板的HTML。

<!DOCTYPE html>
<html>
    <head>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
    </head>
    <body>
            {{rendered_form}}
    </body>
</html>

所有表单信息都显示为浏览器中的<form method=POST>等纯文字字符串

class SignUpForm(deform.schema.CSRFSchema):
    username = colander.SchemaNode(
        colander.String(),
        title = 'Username')
    password = colander.SchemaNode(
        colander.String(),
        title = 'Password')

1 个答案:

答案 0 :(得分:3)

Jinja2配置为自动转义模板中的任何变量,以避免变量中不受信任的标记造成XSS攻击。您可以通过{{ rendered_form | safe }}关闭表单的自动转义(因为可以信任deform以自行转义呈现的数据)。

相关问题
最新问题