How to convert ' to quotes in javascript?
I am trying to pass a python list with string values from views.py to the template where a javascript uses the same for labels of a pie chart(plotly). The issue is when the list is received at the front-end, the list is getting the hexcode of the quote which is ' instead of the quotes. How to convert it to quote? Here is the snippet:
var trace1 = {
x: {{labels}},
y: {{values}},
marker:{
color: ['rgba(204,204,204,1)', 'rgba(222,45,38,0.8)', 'rgba(204,204,204,1)', ]
},
type: 'bar'
};
Now, i am getting the values for 'labels' as:
['One', 'Two', 'Three']
Instead of:
['One','Two','Three']
Just wanted to know are there any methods to avoid this easily instead of using string replace methods?
For security reasons, Django escapes the quotes (and many other characters) when it renders the template.
If you're sure that this data is not harmful (i.e. is not entered by your site's users), then you can just use the the safe
filter in the template:
{{ my_list | safe }}
The safe
filter tells Django that the data is trustworthy, and, so it won't escape it.
Warning: Don't use safe
filter if the data you're displaying on the templates is submitted by your site's users. That might lead to XSS attacks.
If you ever need to use safe
with user-submitted data, you should first sanitize the data such as by using bleach or django-bleach.