How to strip HTML/JavaScript from text input in Django
Django provides a utility function to remove HTML tags:
from django.utils.html import strip_tags
my_string = '<div>Hello, world</div>'
my_string = strip_tags(my_string)
print(my_string)
# Result will be "Hello, world" without the <div> elements
This function used to be unsafe on older Django versions (before 1.7), but nowadays it is completely safe to use. Here is an article that reviewed this issue when it was relevant.
The striptags template filter.
{{ value|striptags }}
Django 3
{{ the_value | striptags | safe | escape }}
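Django's documentation for `strip_tags` states that no guarantee is given that the resulting string is HTML safe, and that the result should be escaped (for example with `escape()`) before it is ever marked safe. The added example below is not code from any answer or from Django: it uses a standard-library stand-in to show stripped text that still needs escaping, and `TagStripper`, `strip_markup`, `render_comment`, `still_needs_escaping` and the sample strings are names and inputs made up for the illustration.

```python
import html
from html.parser import HTMLParser


class TagStripper(HTMLParser):
    """Keeps text nodes only; tags, comments and declarations are dropped."""

    def __init__(self):
        # Design choice of this sketch: decode entities so the result is plain
        # text. Django's strip_tags leaves entities as they were written.
        super().__init__(convert_charrefs=True)
        self.parts = []

    def handle_data(self, data):
        self.parts.append(data)


def strip_markup(value):
    """Standard-library stand-in for a tag stripper (not Django's code)."""
    parser = TagStripper()
    parser.feed(value)
    parser.close()  # flush any text the parser is still buffering
    return "".join(parser.parts)


def still_needs_escaping(raw):
    """True when the stripped text still holds HTML-significant characters."""
    text = strip_markup(raw)
    return html.escape(text) != text


def render_comment(raw):
    """Strip first, then escape at the point where the text enters HTML."""
    return '<p class="comment">' + html.escape(strip_markup(raw)) + "</p>"


# Constructed sample inputs; the first is the string used in the answer above.
SAMPLES = [
    "<div>Hello, world</div>",
    "a < b and <b>bold</b>",        # a bare "<" is text, so it survives stripping
    "Tom &amp; Jerry <i>live</i>",  # the decoded "&" must be re-escaped on output
    "<script>track()</script>ok",   # tags go, the script body remains as text
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(repr(strip_markup(raw)), still_needs_escaping(raw), render_comment(raw))
```

In a Django template the same ordering is obtained by leaving autoescaping on after `striptags` rather than marking the stripped value safe.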