HTML escaping is on by default in Django templates.
Autoescape is a tag. not a filter:
{% autoescape on %}
{{ post.content }}
{% endautoescape %}
The ‘escape’ filter escapes a string’s HTML. Specifically, it makes these replacements:
- < is converted to
< - > is converted to
> - ‘ (single quote) is converted to
' - ” (double quote) is converted to
" - & is converted to
&
The ‘force_escape’ is almost identical to ‘escape’ except for a few corner cases.
The ‘safe’ filter will mark your content as safe, so it won’t be escaped (will be sent to browser as is).
Which filter should I use to have special characters converted to html entities automatically?
Well, you mean, like converting à to � Stick with utf-8 encoding all the way and forget about those.