strip_tags(value) [source] Tries to remove anything that looks like an HTML tag from the string, that is anything contained within <>. Absolutely NO guarantee is provided about the resulting string being HTML safe. So NEVER mark safe the result of a strip_tag call without escaping it first, for example with escape(). For example: strip_tags(value) If value is "<b>Joel</b> <button>is</button> a <span>slug</span>" the return value will be "Joel is a s

html_safe() [source] The __html__() method on a class helps non-Django templates detect classes whose output doesn’t require HTML escaping. This decorator defines the __html__() method on the decorated class by wrapping the __unicode__() (Python 2) or __str__() (Python 3) in mark_safe(). Ensure the __unicode__() or __str__() method does indeed return text that doesn’t require HTML escaping.

format_html_join(sep, format_string, args_generator) [source] A wrapper of format_html(), for the common case of a group of arguments that need to be formatted using the same format string, and then joined using sep. sep is also passed through conditional_escape(). args_generator should be an iterator that returns the sequence of args that will be passed to format_html(). For example: format_html_join( '\n', "<li>{} {}</li>", ((u.first_name, u.last_name) for u in users) )

format_html(format_string, *args, **kwargs) [source] This is similar to str.format(), except that it is appropriate for building up HTML fragments. All args and kwargs are passed through conditional_escape() before being passed to str.format(). For the case of building up small HTML fragments, this function is to be preferred over string interpolation using % or str.format() directly, because it applies escaping to all arguments - just like the template system applies escaping by default. So

escape(text) [source] Returns the given text with ampersands, quotes and angle brackets encoded for use in HTML. The input is first passed through force_text() and the output has mark_safe() applied.

conditional_escape(text) [source] Similar to escape(), except that it doesn’t operate on pre-escaped strings, so it will not double escape.

keep_lazy_text(func) [source] New in Django 1.10. A shortcut for keep_lazy(six.text_type)(func). If you have a function that returns text and you want to be able to take lazy arguments while delaying their evaluation, simply use this decorator: from django.utils import six from django.utils.functional import keep_lazy, keep_lazy_text # Our previous example was: @keep_lazy(six.text_type) def fancy_utility_function(s, ...): ... # Which can be rewritten as: @keep_lazy_text def fancy_uti

keep_lazy(func, *resultclasses) [source] New in Django 1.10. Django offers many utility functions (particularly in django.utils) that take a string as their first argument and do something to that string. These functions are used by template filters as well as directly in other code. If you write your own similar functions and deal with translations, you’ll face the problem of what to do when the first argument is a lazy translation object. You don’t want to convert it to a string immediat

class cached_property(object, name) [source] The @cached_property decorator caches the result of a method with a single self argument as a property. The cached result will persist as long as the instance does, so if the instance is passed around and the function subsequently invoked, the cached result will be returned. Consider a typical case, where a view might need to call a model’s method to perform some computation, before placing the model instance into the context, where the template m

allow_lazy(func, *resultclasses) [source] Deprecated since version 1.10. Works like keep_lazy() except that it can’t be used as a decorator.