Skip to content

ContentFormat image HTML source needs to escape attributes #2035

New issue
New issue
Closed
#2036
Closed
ContentFormat image HTML source needs to escape attributes#2035
#2036
Labels
blogbug
@thibaudcolas

Description

@thibaudcolas
thibaudcolas
opened on Apr 16, 2025

From #2001 – the alt attribute contents need escaping for HTML, here:

djangoproject.com/blog/models.py

Lines 67 to 74 in 92ca24f

def img(self, url, alt_text):
"""
Generate the source code for an image in the current format
"""
CF = type(self)
return {
CF.REST: f".. image:: {url}\n :alt: {alt_text}",
CF.HTML: f'<img src="{url}" alt="{alt_text}">',
.

As-is, the "Raw HTML" copy button will generate invalid markup when it contains double quotes. For example:

<img src="https://media.djangoproject.com/blog/images/2025/04/20250416-run-your-tests-against.webp" alt="Sage presenting, holding a microphone. To his right his title slide states "Run your tests against Django’s main!", "Django London Meetup", "Thursday, 13 February 2025"">

Metadata

Metadata

Assignees

No one assigned

    Labels

    blogbug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions