django-cms 删除 ![]()
;文本内容的标签
我正在使用 django-cms,并向页面添加一段文本内容(使用标准文本插件)。然后在那段文本上,我进入 html 模式并添加 
现在,在网站上,我看到我所做的页面更改,但 img 标签已被删除。
知道为什么会发生这种情况吗?我尝试过 wymeditor 和 fckeditor,它都发生在两者下。
I'm using django-cms, and I add a piece of text content (using the standard text plugin) to a page. Then on that piece of text, I go into html mode and add <img src="/foo/bar.png" /> and save the plugin and save the page.
On the site, now, I see the page changes I've made, but the img tag has been stripped out.
Any idea why this is happening? I've tried wymeditor and fckeditor and it happens under both.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我相信在 Django CMS 中,HTML 清理发生在 Django 模板层之前。我查看了我的数据库,发现 HTML 中的“”标签正在被清理。
我认为这发生在 插件(Django CMS 用于表示其内容位的短语)层。我假设要添加 HTML,您正在使用 文本插件。查看
的源代码文本插件模型的 clean方法:它调用
cms.utils.clean_html,它又使用html5lib来清理 HTML。解决此问题的一种方法是创建一个 自定义插件 继承自
Text插件,并重新实现了不执行此清理操作的clean方法。I believe that in Django CMS, the HTML cleaning happens before the Django Template layer. I took a look in my database and found that a "" tag in my HTML was being sanitized.
I think this happens at the Plugin (the phrase Django CMS uses for its bits of content) layer. I'm assuming that to add HTML, you're using the Text plugin. Looking at the source for the
cleanmethod of the Text plugin model:It calls
cms.utils.clean_html, which in turn useshtml5libto sanitize the HTML.One way to work around this would be to create a custom plugin that inherits from the
Textplugin and re-implements thecleanmethod that doesn't do this sanitization.在 Django 中,默认情况下,字符串在输出到网页之前会被清理。我怀疑 Django-CMS 将插件视为未经处理的用户数据,因此 Django 模板系统从插件中删除了 HTML 字符。
Django 模板文档: http://docs.djangoproject.com /en/dev/ref/templates/builtins/?from=olddocs
请注意第一项,autoescape。我怀疑插件正在通过该过滤器运行。
抱歉,我没有更多具体信息。我不是 Django-CMS 人。
In Django, strings are sanitized before being output onto a webpage by default. I suspect Django-CMS treats plugins like unsanitized user data, so the Django Template system strips out an HTML characters from the plugin.
Django Template Docs: http://docs.djangoproject.com/en/dev/ref/templates/builtins/?from=olddocs
Note the very first item, autoescape. I suspect plugins are being run through that filter.
Sorry, I don't have any more specifics. I'm not a Django-CMS guy.