In Django, you would write something like this: window.location = ' { { url|escapejs }}'; Also, if this is inline javascript—in an HTML document, not a separate .js file—then you still shouldn’t escape the ampersand, which means the document will not validate as XHTML.