ContentFormat image HTML source needs to escape attributes #2035

thibaudcolas · 2025-04-16T23:23:44Z

From #2001 – the alt attribute contents need escaping for HTML, here:

Lines 67 to 74 in 92ca24f

    
               def img(self, url, alt_text): 
        
                   """ 
        
                   Generate the source code for an image in the current format 
        
                   """ 
        
                   CF = type(self) 
        
                   return { 
        
                       CF.REST: f".. image:: {url}\n   :alt: {alt_text}", 
        
                       CF.HTML: f'<img src="{url}" alt="{alt_text}">',

.

As-is, the "Raw HTML" copy button will generate invalid markup when it contains double quotes. For example:

<img src="https://media.djangoproject.com/blog/images/2025/04/20250416-run-your-tests-against.webp" alt="Sage presenting, holding a microphone. To his right his title slide states "Run your tests against Django’s main!", "Django London Meetup", "Thursday, 13 February 2025"">

The text was updated successfully, but these errors were encountered:

bmispelon · 2025-04-17T07:45:59Z

Good catch, thanks for reporting it! 🎸

I've opened a PR with a fix for this and other escaping issues: #2036

thibaudcolas added blog bug labels Apr 16, 2025

bmispelon linked a pull request Apr 17, 2025 that will close this issue

Fixed escaping of alt text in ContentFormat.img() #2036

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ContentFormat image HTML source needs to escape attributes #2035

ContentFormat image HTML source needs to escape attributes #2035

thibaudcolas commented Apr 16, 2025

bmispelon commented Apr 17, 2025

ContentFormat image HTML source needs to escape attributes #2035

ContentFormat image HTML source needs to escape attributes #2035

Comments

thibaudcolas commented Apr 16, 2025

bmispelon commented Apr 17, 2025