Opened 2 years ago

Closed 2 years ago

#20701 closed New feature (duplicate)

Using python dicts directly in javascript

Reported by: tim0306+django@… Owned by: nobody
Component: Uncategorized Version: 1.5
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


I'm using Django to push some data from python into some javascript code. So I use RequestContext to set up the variables and hen use HttpResponse to render the template with the variables.

The javascript code (highcharts) follows a similar syntax as pythons dict, namely:
name: 'Female',
color: 'rgba(223, 83, 83, .5)',
data: 161.2, 51.6], [163.8, 67.3?

So I tried to directly use a python dict as a context, but got the following result:
'color': 'rgba(223, 83, 83, .5)'
'name': 'Female'

The dict data makes it into the final html, but the quotes of the string literals are respresented by '

It would be a great feature if the coupling from dict to template would work. To make this more generic maybe some preprocessing function could be defined that preps the dict data before it is pushed into the template.

Change History (1)

comment:1 Changed 2 years ago by aaugustin

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to duplicate
  • Status changed from new to closed

This is a duplicate of #17419 which cannot be implemented without introducing major security problems (XSS). It's impossible to serialize an arbitrary data structure into JavaScript embedded in HTML with Python's json module with adequate escaping. Trust me, I tried hard.

Request the JSON blob with AJAX instead.

Note: See TracTickets for help on using tickets.
Back to Top