7

I'm using pystache to render the templates. I'm getting & in the output when I render context variables having &. How can get rid of & where I need & . Same thing is happening with django templating as well 

>>> pystache.render('The URL {{URL}}', {'URL': 'http://google.com?a=3&b=3'})
u'The URL http://google.com?a=3&b=3'
bakkal
  • 54,350
  • 12
  • 131
  • 107
neotam
  • 2,611
  • 1
  • 31
  • 53

2 Answers2

8

To prevent escaping use triple braces {{{var}}}

To prevent escaping, use triple braces, {{{URL}}} instead of double braces {{URL}}

>>> pystache.render('The URL {{{URL}}}', {'URL': 'http://google.com?a=3&b=3'})
u'The URL http://google.com?a=3&b=3'

I've tested this on the most recent release as of today, version 0.5.4

Mustache Documentation

Since Pystache is a Mustache implementation in Python, you can use Mustache's documentation as pointers.

All variables are HTML escaped by default. If you want to return unescaped HTML, use the triple mustache: {{{name}}}.

source: https://mustache.github.io/mustache.5.html

bakkal
  • 54,350
  • 12
  • 131
  • 107
2

A long time ago they've got such suggestion.

There is auxillary escape option of Renderer class initializer. This option accepts function that operates on strings. Default is cgi.escape(s, quote=True).

So when you write:

import pystache
rend = pystache.Rendered(escape=lambda s: s)
rend.render(your_obj)

you've got unascaped values without tripple braces in template.

See docs on Rendered class

Timur Milovanov
  • 727
  • 8
  • 18
  • My answer targeted non-HTML use cases. Because tripple curly braces in such templates hurts my eyes )). So, why not using simple double braces? – Timur Milovanov Feb 20 '20 at 15:56