Templating

Open Forms provides templating solutions for form-designers (see Sjablonen), built on top of the Django Template Language.

Templating functionality is gradually becoming public API for other apps/packages.

Module: openforms.template

Reference

Module functionality

Expose template functionality as public API.

The template package provides generic template rendering constructs. Features are:

  • Option to sandbox templates to only allow safe-ish public API

  • Utilities to evaluate templates from string (user-contributed content and inherently unsafe).

Possible future features:

  • Caching for string-based templates

openforms.template.parse(source: str, backend=<openforms.template.backends.sandboxed_django.SandboxedDjangoTemplates object>)

Parse the template fragment using the specified backend.

Returns

A template instance of the specified backend

Raises

django.template.TemplateSyntaxError if there are any syntax errors

openforms.template.render_from_string(source: str, context: dict, backend=<openforms.template.backends.sandboxed_django.SandboxedDjangoTemplates object>, disable_autoescape: bool = False) str

Render a template source string using the provided context.

Parameters

  • source – The template source to render

  • context – The context data for the template to render

  • backend – An optional alternative Django template backend instance to use. Defaults to the sandboxed backend.

  • disable_autoescape – Disable escaping of HTML in source.

Raises

django.template.TemplateSyntaxError if the template source is invalid

template.sandbox_backend = <openforms.template.backends.sandboxed_django.SandboxedDjangoTemplates object>
template.openforms_backend = <SimpleLazyObject: <openforms.template.backends.sandboxed_django.SandboxedDjangoTemplates object>>

Validators

class openforms.template.validators.DjangoTemplateValidator(*args, **kwargs)

Validate template code to be a valid Django template.

This validators ensure that the template is syntactically correct. Additionally, it can enforce the presence of certain required template tags.

Backends

class openforms.template.backends.sandboxed_django.SandboxedDjangoTemplates(params)

A ‘sandboxed’ Django templates backend.

The sandboxed backend (by default) does not allow:

  • looking up template files from file-system

  • loading or using non-builtin templatetag libraries (except for the l10n library)

get_templatetag_libraries(custom_libraries: dict) dict

Do not automatically discover template tag libraries.

This prevents user-content from loading and using the libraries that are private API to Open Forms.