Very newbie question, but please be gentle with me. Our site uses Django CMS and we're trying to insert some javascript into particular stories, but it appears Django is stripping out any javascript or iframes we put in there as soon as we save the story. How do we allow javascript to be used in stories? Is it being deliberately excluded, or do we need to code this function into the site?
Any help would be incredibly appreciated.
Django is probably automatically escaping the content the javascript / html as the template renders the content. It does this for security purposes.
The solution depends on which version of django you're running, whether you'll be rendering any content from untrusted sources, how the templates are put together and perhaps the view that prepares the content for the template.
Django doesn't strip out javascript, because it is client side agnostic.
How are you inserting javascript into your website? If you are trying to put it into database (like ) it will escaped.