format_html(format_string, *args, **kwargs) [source] This is similar to str.format(), except that it is appropriate for building up HTML fragments. All args and kwargs are passed through conditional_escape() before being passed to str.format(). For the case of building up small HTML fragments, this function is to be preferred over string interpolation using % or str.format() directly, because it applies escaping to all arguments - just like the template system applies escaping by default. So

format_html_join(sep, format_string, args_generator) [source] A wrapper of format_html(), for the common case of a group of arguments that need to be formatted using the same format string, and then joined using sep. sep is also passed through conditional_escape(). args_generator should be an iterator that returns the sequence of args that will be passed to format_html(). For example: format_html_join( '\n', "<li>{} {}</li>", ((u.first_name, u.last_name) for u in users) )

html_safe() [source] The __html__() method on a class helps non-Django templates detect classes whose output doesn’t require HTML escaping. This decorator defines the __html__() method on the decorated class by wrapping the __unicode__() (Python 2) or __str__() (Python 3) in mark_safe(). Ensure the __unicode__() or __str__() method does indeed return text that doesn’t require HTML escaping.

strip_tags(value) [source] Tries to remove anything that looks like an HTML tag from the string, that is anything contained within <>. Absolutely NO guarantee is provided about the resulting string being HTML safe. So NEVER mark safe the result of a strip_tag call without escaping it first, for example with escape(). For example: strip_tags(value) If value is "<b>Joel</b> <button>is</button> a <span>slug</span>" the return value will be "Joel is a s

base36_to_int(s) [source] Converts a base 36 string to an integer. On Python 2 the output is guaranteed to be an int and not a long.

cookie_date(epoch_seconds=None) [source] Formats the time to ensure compatibility with Netscape’s cookie standard. Accepts a floating point number expressed in seconds since the epoch in UTC–such as that outputted by time.time(). If set to None, defaults to the current time. Outputs a string in the format Wdy, DD-Mon-YYYY HH:MM:SS GMT.

http_date(epoch_seconds=None) [source] Formats the time to match the RFC 1123 date format as specified by HTTP RFC 7231#section-7.1.1.1. Accepts a floating point number expressed in seconds since the epoch in UTC–such as that outputted by time.time(). If set to None, defaults to the current time. Outputs a string in the format Wdy, DD Mon YYYY HH:MM:SS GMT.

int_to_base36(i) [source] Converts a positive integer to a base 36 string. On Python 2 i must be smaller than sys.maxint.

urlencode(query, doseq=0) [source] A version of Python’s urllib.urlencode() function that can operate on unicode strings. The parameters are first cast to UTF-8 encoded strings and then encoded as per normal.

urlquote(url, safe='/') [source] A version of Python’s urllib.quote() function that can operate on unicode strings. The url is first UTF-8 encoded before quoting. The returned string can safely be used as part of an argument to a subsequent iri_to_uri() call without double-quoting occurring. Employs lazy execution.