How to Run JavaScript Inside HTML Fields in Odoo 17?

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Buchhaltung
Lager
PoS
Project
MRP

All apps

Alle Beiträge Personen Abzeichen

Stichwörter (Alle anzeigen)

odoo accounting v14 pos v15

Über dieses Forum

Hilfe

How to Run JavaScript Inside HTML Fields in Odoo 17?

javascript wizard odoo 17

2 Antworten

2265 Ansichten

Jacky

Hi everyone,

I'm trying to include JavaScript inside an HTML field in Odoo 17, but the script doesn't seem to execute. Here's the code I'm working with:

Copy code
html_field = fields.HTML("HTML Data", sanitize=False, compute="_compute_html")

def _compute_html(self):
    self.html_field = """<script>console.log('TEST')</script>"""

The HTML field is defined as a computed field, and I have set sanitize=False to allow raw HTML. However, when I load the view, the JavaScript inside the <script> tag does not run.

The reason I need this is to call a modal or wizard dynamically in my custom form template. The data for the form is fetched using custom logic with PostgreSQL queries, so I was hoping to inject the JavaScript for triggering the modal or wizard directly into the HTML field.

Does Odoo block scripts in HTML fields by design? If so, how can I achieve this functionality? Is there a recommended way to include JavaScript for modals or wizards in custom templates while still leveraging Odoo's framework?

Any guidance would be greatly appreciated!

Cybrosys Techno Solutions Pvt.Ltd

Hi,

Yes, Odoo blocks JavaScript execution inside HTML fields by design, even if you set sanitize=False. This is primarily for security reasons, to prevent XSS (Cross-Site Scripting) vulnerabilities.

Why <script> Doesn’t Work:

Even though you're using sanitize=False, Odoo’s rendering engine and modern browsers strip or ignore script tags in HTML fields for safety. This behavior is expected and intended.

Recommended Alternatives:

If you need to trigger modals or wizards dynamically, there are better and safer ways to do this in Odoo:

1. Use t-att-onclick or JS event binding in QWeb templates

Instead of injecting JS directly, attach an event handler to an element:

<button type="button" class="btn btn-primary" t-att-onclick="'trigger_modal(%d)' % record.id">Open Modal</button>

Then define the JS function trigger_modal() in your custom JS file loaded via assets.

2. Use @odoo-module JS to handle events

Create a custom JavaScript module that listens for button clicks and triggers a modal or action:

/** @odoo-module **/

import { Component } from "@odoo/owl";

import { registry } from "@web/core/registry";

class MyModalComponent extends Component {

setup() {

// modal logic here

}

registry.category("actions").add("my_module.my_modal_action", MyModalComponent);

Then trigger it from Python or with do_action in JS.

3. Use do_action() in JS

If you're in a web context (e.g. custom JS), use:

this.do_action({

type: 'ir.actions.act_window',

res_model: 'your.model',

view_mode: 'form',

target: 'new',

});

This opens a wizard/modal cleanly and in line with Odoo standards.

While injecting JS into an HTML field might seem like a shortcut, it's not recommended and won’t work reliably in Odoo 17 due to built-in restrictions. Instead, use Odoo's JS framework and do_action() to build interactive features like modals or wizards.

Hope it helps

Akhilesh N S

Even though you've set sanitize=False on the HTML field, Odoo may still be applying some additional sanitization or escaping to the HTML content, which could prevent the script from running

To achieve the functionality you're looking for, you can consider use of an Odoo Widget with JavaScript

You can find the example from module im_livechat

script_external = fields.Html( 'Script (external)' , compute = '_compute_script_external' , store = False , readonly = True , sanitize = False )

def _compute_script_external(self):
    values = {
        "dbname": self._cr.dbname,
    }
    for record in self:

        values["channel_id"] = record.id
        values["url"] = record.get_base_url()
        record.script_external = self.env['ir.qweb']._render('im_livechat.external_loader', values) if record.id else False

<template id ="external_loader" name ="Livechat : external_script field of livechat channel" > 
    <!-- the loader --> 
    <script t-attf-src ="{{url}}/im_livechat/loader/{{channel_id }}" type ="text/javascript" /> 
    <!-- js of all the required lib (internal and external) --> 
    <script t-attf-src ="{{url}}/im_livechat/assets_embed.js " type ="text/javascript" /> 
</template>

Diskutieren Sie gerne? Treten Sie bei, statt nur zu lesen!

Erstellen Sie heute ein Konto, um exklusive Funktionen zu nutzen und mit unserer tollen Community zu interagieren!

Registrieren

Verknüpfte Beiträge	Antworten	Ansichten
Open a wizard when clicking on "save" in a form in edit mode [Odoo 9] javascript wizard odoo9	0 Aug. 16	576
Unable to display CogMenuItem only in specific views javascript views actions odoo 17	0 Apr. 25	936
How can i inherit from the save button of a wizard at Odoo 17. wizard inheritance leaves odoo 17	1 Jan. 25	1271
Widget to many2many widget javascript wizard many2many many2many_tags	0 März 21	3310
How to call a wizard from a systray button in Odoo 12? Gelöst javascript wizard odoo12.0 systray	1 Aug. 19	6353

Diese Frage wurde gekennzeichnet

Diskutieren Sie gerne? Treten Sie bei, statt nur zu lesen!