tvst / htbuilder Goto Github PK
View Code? Open in Web Editor NEWA purely-functional HTML builder for Python. Think JSX rather than templates.
License: Apache License 2.0
A purely-functional HTML builder for Python. Think JSX rather than templates.
License: Apache License 2.0
version 0.6.0 in pypi didn't fix the UTF-8 bug. Windows will have problem installing htbuilder and st-annotated-text
Thanks for a very interesting and useful library!
Currently, no escaping children or attributes of inputs is done. This makes the library unsafe for general purpose use IMO.
>>> print(div('<script>alert("danger!")</script>'))
<div><script>alert("danger!")</script></div>
>>> print(div(id='">hello'))
<div id="">hello"></div>
I think all input strings should be escaped by default (python has html.escape
: https://docs.python.org/3/library/html.html
Django has a concept of safe strings where all inputs to templates are escaped by default. When you want to inject trusted HTML, you mark the string as safe with mark_safe
:
https://docs.djangoproject.com/en/4.2/_modules/django/utils/safestring/
The convention is basically that an object with a __html__()
will not be escaped.
Would you be open to add escaping or accept a PR that implements it?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.