Complete the code to safely display a variable in a Django template.
<p>{{ [1] }}</p>
In Django templates, variables like {{ user_input }} are automatically escaped to prevent XSS.
Complete the code to mark a string as safe and avoid escaping in a Django template.
<p>{{ [1] }}</p>
|escape, which actually escapes the string.
|raw, which is not a Django template filter.
The |safe filter tells Django not to escape the variable, so HTML tags are rendered as HTML.
Fix the error in the template code to prevent XSS by escaping user input.
<div>{{ [1] }}</div>
safe, which disables escaping and can cause XSS.
raw, which is not a valid Django filter.
The escape filter ensures that any HTML in user_input is shown as text, preventing XSS.
Fill both blanks to create a safe link with escaped URL and safe link text.
<a href="{{ [1] }}">{{ [2] }}</a>
The URL should be escaped to prevent injection, while the link text can be marked safe if it contains trusted HTML.
Fill all three blanks to safely render a user comment with escaped content and safe username.
<div class="comment">
  <strong>{{ [1] }}</strong>
  <p>{{ [2] }}</p>
  <small>{{ [3] }}</small>
</div>
The username is marked safe if trusted, the comment text is escaped to prevent XSS, and the date is shown as is.