django.utils.html format_html Example Code

format_html is a function within the Django project that is like str.format but for HTML content. The function allows a program to safely create small HTML fragments to render, most likely in an output webpaage.

Understanding these concepts are useful when coding with projects that use Django's format_html function:

You can also view the complete all topics page for even more resources.

Example 1 from django-angular

django-angular (project examples website) is a library with helper code to make it easier to use Angular as the front-end to Django projects. The code for django-angular is open source under the MIT license.

django-angular / djng / templatetags /

# -*- coding: utf-8 -*-

from __future__ import unicode_literals

import json

from django.template import Library
from django.template.base import Node, NodeList, TextNode, VariableNode
from django.utils.html import format_html
from django.utils.safestring import mark_safe
from django.utils.translation import get_language_from_request

from djng.core.urlresolvers import (get_all_remote_methods, 

register = Library()

def djng_all_rmi():
    Returns a dictionary of all methods for all Views available for 
    this project, marked with the ``@allow_remote_invocation`` 
    decorator. The return string can be used directly to initialize
    the AngularJS provider, such as 
    ``djangoRMIProvider.configure({­% djng_rmi_configs %­});``
    return mark_safe(json.dumps(get_all_remote_methods()))

@register.simple_tag(name='djng_current_rmi', takes_context=True)
def djng_current_rmi(context):
    Returns a dictionary of all methods for the current View of 
    this request, marked with the @allow_remote_invocation decorator. 
    The return string can be used directly to initialize the 
    AngularJS provider, such as 
    ``djangoRMIProvider.configure({­% djng_current_rmi %­});``
    return mark_safe(json.dumps(get_current_remote_methods(context.get('view'))))

@register.simple_tag(name='load_djng_urls', takes_context=True)
def djng_urls(context, *namespaces):
    raise DeprecationWarning(
        "load_djng_urls templatetag is deprecated and has " + \
        "been removed from this version of django-angular."
        "Please refer to documentation for updated way to " + \
        "manage django urls in angular.")

class AngularJsNode(Node):
    def __init__(self, django_nodelist, angular_nodelist, variable):
        self.django_nodelist = django_nodelist
        self.angular_nodelist = angular_nodelist
        self.variable = variable

    def render(self, context):
        if self.variable.resolve(context):
            return self.angular_nodelist.render(context)
        return self.django_nodelist.render(context)

def angularjs(parser, token):
    Conditionally switch between AngularJS and Django variable 
    expansion for ``{{`` and ``}}`` keeping Django's expansion 
    for ``{%`` and ``%}``
        {% angularjs 1 %} or simply {% angularjs %}
            {% process variables through the AngularJS template engine %}
        {% endangularjs %}
        {% angularjs 0 %}
            {% process variables through the Django template engine %}
        {% endangularjs %}
        Instead of 0 and 1, it is possible to use a context variable.
    bits = token.contents.split()
    if len(bits) < 2:
    values = [parser.compile_filter(bit) for bit in bits[1:]]
    django_nodelist = parser.parse(('endangularjs',))
    angular_nodelist = NodeList()
    for node in django_nodelist:
        # convert all occurrences of VariableNode into a TextNode using the
        # AngularJS double curly bracket notation
        if isinstance(node, VariableNode):
            # convert Django's array notation into JS array notation
            tokens = node.filter_expression.token.split('.')
            token = tokens[0]
            for part in tokens[1:]:
                if part.isdigit():
                    token += '[%s]' % part
                    token += '.%s' % part
            node = TextNode('{{ %s }}' % token)
    return AngularJsNode(django_nodelist, angular_nodelist, values[0])

@register.simple_tag(name='djng_locale_script', takes_context=True)
def djng_locale_script(context, default_language='en'):
    Returns a script tag for including the proper locale 
    script in any HTML page. This tag determines the current 
    language with its locale.
        <script src="{% static 'node_modules/angular-i18n/' %}
        {% djng_locale_script %}"></script>
    or, if used with a default language:
        <script src="{% static 'node_modules/angular-i18n/' %}
        {% djng_locale_script 'de' %}"></script>
    language = get_language_from_request(context['request'])
    if not language:
        language = default_language
    return format_html('angular-locale_{}.js', language.lower())

Example 2 from AuditLog

Auditlog (project documentation) is a Django app that logs changes to Python objects, similar to the Django admin's logs but with more details and output formats. Auditlog's source code is provided as open source under the MIT license.

django-auditlog / src / auditlog /

import json

from django.conf import settings
    from django.core import urlresolvers
except ImportError:
    from django import urls as urlresolvers
    from django.urls.exceptions import NoReverseMatch
except ImportError:
    from django.core.urlresolvers import NoReverseMatch
from django.utils.html import format_html
from django.utils.safestring import mark_safe

MAX = 75

class LogEntryAdminMixin(object):

    def created(self, obj):
        return obj.timestamp.strftime('%Y-%m-%d %H:%M:%S')
    created.short_description = 'Created'

    def user_url(self, obj):
            app_label, model = settings.AUTH_USER_MODEL.split('.')
            viewname = 'admin:%s_%s_change' % (app_label, 
                link = urlresolvers.reverse(viewname, 
            except NoReverseMatch:
                return u'%s' % (
            return format_html(u'<a href="{}">{}</a>', 

        return 'system'
    user_url.short_description = 'User'

    def resource_url(self, obj):
        app_label, model = obj.content_type.app_label, 
        viewname = 'admin:%s_%s_change' % (app_label, model)
            args = [obj.object_pk] if obj.object_id is \
                   None else [obj.object_id]
            link = urlresolvers.reverse(viewname, args=args)
        except NoReverseMatch:
            return obj.object_repr
            return format_html(u'<a href="{}">{}</a>', 
                               link, obj.object_repr)
    resource_url.short_description = 'Resource'

    def msg_short(self, obj):
        if obj.action == 2:
            return ''  # delete
        changes = json.loads(obj.changes)
        s = '' if len(changes) == 1 else 's'
        fields = ', '.join(changes.keys())
        if len(fields) > MAX:
            i = fields.rfind(' ', 0, MAX)
            fields = fields[:i] + ' ..'
        return '%d change%s: %s' % (len(changes), s, fields)
    msg_short.short_description = 'Changes'

    def msg(self, obj):
        if obj.action == 2:
            return ''  # delete
        changes = json.loads(obj.changes)
        msg = '<table><tr><th>#</th><th>Field</th>' + \
        for i, field in enumerate(sorted(changes), 1):
            value = [i, field] + (['***', '***'] if field == \
                    'password' else changes[field])
            msg += format_html('<tr><td>{}</td><td>{}</td><td>' + \
                               '{}</td><td>{}</td></tr>', *value)

        msg += '</table>'
        return mark_safe(msg)
    msg.short_description = 'Changes'
1. Introduction 2. Development Environments 3. Data 4. Web Development 5. Deployment 6. DevOps Changelog What Full Stack Means About the Author Future Directions Page Statuses Django ExtensionsDjango Example Codedjango.apps.config AppConfigdjango.conf settingsdjango.conf.urls.urldjango.contrib.admindjango.contrib.admin.filters SimpleListFilterdjango.contrib.admin.sites registerdjango.contrib.auth.decorators login_requireddjango.contrib.auth get_user_modeldjango.contrib.auth.hashers make_passworddjango.core.exceptions ImproperlyConfigureddjango.core.mail.messages BaseCommanddjango.db.models AutoFielddjango.db.models BooleanFielddjango.db.models CharFielddjango.db.models DateFielddjango.db.models DateTimeFielddjango.db.models FileFielddjango.db.models ForeignKeydjango.db.models GenericIPAddressFielddjango.db.models ImageFielddjango.db.models IntegerFielddjango.db.models Modeldjango.db.models PositiveIntegerFielddjango.db.models PositiveSmallIntegerFielddjango.db.models.signaldjango.db.models SlugFielddjango.db.models SmallIntegerFielddjango.db.models TextFielddjango.db OperationalErrordjango.dispatch Signaldjango.formsdjango.forms BooleanFielddjango.forms CharFielddjango.forms ChoiceFielddjango.forms DateFielddjango.forms DateTimeFielddjango.forms EmailFielddjango.forms IntegerFielddjango.forms TypedChoiceFielddjango.http Http404django.http HttpResponsedjango.http HttpResponseBadRequestdjango.http HttpResponseForbiddendjango.http HttpResponseNotModifieddjango.http HttpResponsePermanentRedirectdjango.http HttpResponseRedirectdjango.template.response SimpleTemplateResponsedjango.template.response TemplateResponsedjango.urls.pathdjango.urls reverse_lazydjango.urls.exceptions NoReverseMatchdjango.urls.exceptions Resolver404django.utils.html format_htmldjango.utils.timezone ...or view the full table of contents.

Full Stack Python

Full Stack Python is an open book that explains concepts in plain language and provides helpful resources for those topics.
Updates via Twitter & Facebook.

Matt Makai 2012-2020