flask.Markup

class flask.Markup[source]

Marks a string as being safe for inclusion in HTML/XML output without needing to be escaped. This implements the __html__ interface a couple of frameworks and web applications use. Markup is a direct subclass of unicode and provides all the methods of unicode just that it escapes arguments passed and always returns Markup.

The escape function returns markup objects so that double escaping can’t happen.

The constructor of the Markup class can be used for three different things: When passed an unicode object it’s assumed to be safe, when passed an object with an HTML representation (has an __html__ method) that representation is used, otherwise the object passed is converted into a unicode string and then assumed to be safe:

>>> Markup("Hello <em>World</em>!")
Markup(u'Hello <em>World</em>!')
>>> class Foo(object):
...  def __html__(self):
...   return '<a href="#">foo</a>'
...
>>> Markup(Foo())
Markup(u'<a href="#">foo</a>')

If you want object passed being always treated as unsafe you can use the escape() classmethod to create a Markup object:

>>> Markup.escape("Hello <em>World</em>!")
Markup(u'Hello &lt;em&gt;World&lt;/em&gt;!')

Operations on a markup string are markup aware which means that all arguments are passed through the escape() function:

>>> em = Markup("<em>%s</em>")
>>> em % "foo & bar"
Markup(u'<em>foo &amp; bar</em>')
>>> strong = Markup("<strong>%(text)s</strong>")
>>> strong % {'text': '<blink>hacker here</blink>'}
Markup(u'<strong>&lt;blink&gt;hacker here&lt;/blink&gt;</strong>')
>>> Markup("<em>Hello</em> ") + "<foo>"
Markup(u'<em>Hello</em> &lt;foo&gt;')

Methods

capitalize(() -> unicode) Return a capitalized version of S, i.e.
center((width[, fillchar]) -> unicode) Return S centered in a Unicode string of length width.
count((sub[, start[, end]]) -> int) Return the number of non-overlapping occurrences of substring sub in Unicode string S[start:end].
decode(...) Decodes S using the codec registered for encoding.
encode(...) Encodes S using the codec registered for encoding.
endswith((suffix[, start[, end]]) -> bool) Return True if S ends with the specified suffix, False otherwise.
escape(s) Escape the string.
expandtabs(([tabsize]) -> unicode) Return a copy of S where all tab characters are expanded using spaces.
find((sub [,start [,end]]) -> int) Return the lowest index in S where substring sub is found, such that sub is contained within S[start:end].
format(*args, **kwargs)
index((sub [,start [,end]]) -> int) Like S.find() but raise ValueError when the substring is not found.
isalnum(() -> bool) Return True if all characters in S are alphanumeric and there is at least one character in S, False otherwise.
isalpha(() -> bool) Return True if all characters in S are alphabetic and there is at least one character in S, False otherwise.
isdecimal(() -> bool) Return True if there are only decimal characters in S, False otherwise.
isdigit(() -> bool) Return True if all characters in S are digits and there is at least one character in S, False otherwise.
islower(() -> bool) Return True if all cased characters in S are lowercase and there is at least one cased character in S, False otherwise.
isnumeric(() -> bool) Return True if there are only numeric characters in S, False otherwise.
isspace(() -> bool) Return True if all characters in S are whitespace and there is at least one character in S, False otherwise.
istitle(() -> bool) Return True if S is a titlecased string and there is at least one character in S, i.e.
isupper(() -> bool) Return True if all cased characters in S are uppercase and there is at least one cased character in S, False otherwise.
join((iterable) -> unicode) Return a string which is the concatenation of the strings in the iterable.
ljust((width[, fillchar]) -> int) Return S left-justified in a Unicode string of length width.
lower(() -> unicode) Return a copy of the string S converted to lowercase.
lstrip(([chars]) -> unicode) Return a copy of the string S with leading whitespace removed.
partition(sep)
replace((old, new[, count]) -> unicode) Return a copy of S with all occurrences of substring old replaced by new.
rfind((sub [,start [,end]]) -> int) Return the highest index in S where substring sub is found, such that sub is contained within S[start:end].
rindex((sub [,start [,end]]) -> int) Like S.rfind() but raise ValueError when the substring is not found.
rjust((width[, fillchar]) -> unicode) Return S right-justified in a Unicode string of length width.
rpartition(sep)
rsplit(([sep [,maxsplit]]) -> list of strings) Return a list of the words in S, using sep as the delimiter string, starting at the end of the string and working to the front.
rstrip(([chars]) -> unicode) Return a copy of the string S with trailing whitespace removed.
split(([sep [,maxsplit]]) -> list of strings) Return a list of the words in S, using sep as the delimiter string.
splitlines((keepends=False) -> list of strings) Return a list of the lines in S, breaking at line boundaries.
startswith((prefix[, start[, end]]) -> bool) Return True if S starts with the specified prefix, False otherwise.
strip(([chars]) -> unicode) Return a copy of the string S with leading and trailing whitespace removed.
striptags() Unescape markup into an text_type string and strip all tags.
swapcase(() -> unicode) Return a copy of S with uppercase characters converted to lowercase and vice versa.
title(() -> unicode) Return a titlecased version of S, i.e.
translate((table) -> unicode) Return a copy of the string S, where all characters have been mapped through the given translation table, which must be a mapping of Unicode ordinals to Unicode ordinals, Unicode strings or None.
unescape() Unescape markup again into an text_type string.
upper(() -> unicode) Return a copy of S converted to uppercase.
zfill((width) -> unicode) Pad a numeric string S with zeros on the left, to fill a field of the specified width.