变形金字塔渲染不正常。呈现为纯字符串

Question

我试着用变形金字塔。但是形式不呈现为形式，而是一个纯粹的字符串

@view_config(route_name='sign_up', renderer='templates/sign_up.jinja2') 
def sign_up(request): 
    schema = SignUpForm().bind(request=request) 

    button = deform.form.Button(name='SignUp', title = 'Sign Up') 
    form = deform.form.Form(schema, buttons=(button,)) 

    if request.method == 'POST': 
     try: 
      appstruct = form.validate(request.POST.items()) 

      # Save the data to database 
      print('saved') 
      print(appstruct['username']) 

      request.session.flash('your have succesfully registered') 

      return HTTPFound('/') 
     except deform.exception.ValidationFailure as e: 
      rendered_form = form.render() 
    else: 
     print('rendering the form') 
     rendered_form = form.render(); 

    return {'rendered_form': rendered_form} 

这是使用Jinja2的模板我的HTML。在你的模板

<!DOCTYPE html> 
<html> 
    <head> 
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"> 
    </head> 
    <body> 
      {{rendered_form}} 
    </body> 
</html> 

所有形式的信息显示了在浏览器

class SignUpForm(deform.schema.CSRFSchema): 
    username = colander.SchemaNode(
     colander.String(), 
     title = 'Username') 
    password = colander.SchemaNode(
     colander.String(), 
     title = 'Password') 

Answer 1

的Jinja2被配置为纯文本字符串像<form method=POST>等自动流出的任何变量，以避免从不受信任的标记跨站脚本攻击变量。您可以通过{{ rendered_form | safe }}关闭表单的自动转义（因为可以信任变形以自行转义呈现的数据）。