Prevent django admin from escaping html
As of Django 1.9, you can use format_html()
, format_html_join()
, or allow_tags
in your method. See the list_display
docs for more info.
The code in the question using mark_safe
will work. However a better option for methods like these might be format_html
, which will escape arguments.
def _get_thumbnail(self, obj): return format_html(u'<img src="{}" />', obj.admin_thumbnail.url)
In earlier versions of Django, using mark_safe()
would not work, and Django would escape the output. The solution was to give the method an allow_tags
attribute with the value set to True.
class PhotoAdmin(admin.ModelAdmin): fields = ('title', 'image',) list_display = ('title', '_get_thumbnail',) def _get_thumbnail(self, obj): return u'<img src="%s" />' % obj.admin_thumbnail.url _get_thumbnail.allow_tags = True
I know this is a rather late answer, but I thought a more complete implementation would be helpful to others...
If you don't have it already with django-filer, get easy_thumbnails pip install easy-thumbnails
.
# -*- coding: utf-8 -*-from django.contrib import adminfrom easy_thumbnails.files import get_thumbnailerfrom models import Photoclass PhotoAdmin(admin.ModelAdmin): list_display = ('_thumbnail', 'title', ) list_display_links = ('_thumbnail', 'title', ) # This makes the icon clickable too readonly_fields = ('_thumbnail', ) fields = ('title', 'photo', ) def _thumbnail(self, obj): if obj.photo: thumbnailer = get_thumbnailer(obj.photo) thumb = thumbnailer.get_thumbnail({ 'crop': True, 'size': (50, 50), # Sharpen it up a little, since its so small... 'detail': True, # Put other options here... }) # Note: we get the actual width/height rather than # hard-coding 50, 50, just to be DRYer return u'<img src="%s" alt="thumbnail: %s" width="%d" height="%d"/>' % (thumb.url, obj.photo.name, thumb.width, thumb.height) else: return "[No Image]" # Optional, Provide a nicer label in the display _thumbnail.short_description = 'Thumbnail' # Required, leaves the markup un-escaped _thumbnail.allow_tags = Trueadmin.site.register(Photo, PhotoAdmin)