escape
See also
HTML escape a text. Escapes all reserved HTML characters in the value. Escaped strings are safe to be displayed in a HTML page. When you echo a query string argument or path variable then you must escape the value before displaying it on a HTML page.
The following characters are replaced:
Character | Replacement |
---|---|
\\> | > |
< | < |
" | " |
' | ' |
& | & |
The escaping is only applied if the filter is not within an {% autoescape on %}
block. If you always want escaping to
be applied, use the force_escape filter.
For example:
{{ value|escape }}
When the value is <hel&lo\>
then the output is <hel&lo>
.
Note: this filter is not part of a module, it is built into the template compiler.