django1/django/utils/safestring.py

"""
Functions for working with "safe strings": strings that can be displayed safely
without further escaping in HTML. Marking something as a "safe string" means
that the producer of the string has already turned characters that should not
be interpreted by the HTML engine (e.g. '<') into the appropriate entities.
"""

from django.utils.functional import Promise, wraps


class SafeData:
    def __html__(self):
        """
        Return the html representation of a string for interoperability.

        This allows other template engines to understand Django's SafeData.
        """
        return self


class SafeBytes(bytes, SafeData):
    """
    A bytes subclass that has been specifically marked as "safe" (requires no
    further escaping) for HTML output purposes.

    Kept in Django 2.0 for usage by apps supporting Python 2. Shouldn't be used
    in Django anymore.
    """
    def __add__(self, rhs):
        """
        Concatenating a safe byte string with another safe byte string or safe
        string is safe. Otherwise, the result is no longer safe.
        """
        t = super().__add__(rhs)
        if isinstance(rhs, SafeText):
            return SafeText(t)
        elif isinstance(rhs, SafeBytes):
            return SafeBytes(t)
        return t


class SafeText(str, SafeData):
    """
    A str subclass that has been specifically marked as "safe" for HTML output
    purposes.
    """
    def __add__(self, rhs):
        """
        Concatenating a safe string with another safe byte string or
        safe string is safe. Otherwise, the result is no longer safe.
        """
        t = super().__add__(rhs)
        if isinstance(rhs, SafeData):
            return SafeText(t)
        return t

    def __str__(self):
        return self


SafeString = SafeText


def _safety_decorator(safety_marker, func):
    @wraps(func)
    def wrapped(*args, **kwargs):
        return safety_marker(func(*args, **kwargs))
    return wrapped


def mark_safe(s):
    """
    Explicitly mark a string as safe for (HTML) output purposes. The returned
    object can be used everywhere a string is appropriate.

    If used on a method as a decorator, mark the returned data as safe.

    Can be called multiple times on a single string.
    """
    if hasattr(s, '__html__'):
        return s
    if isinstance(s, (str, Promise)):
        return SafeText(s)
    if callable(s):
        return _safety_decorator(mark_safe, s)
    return SafeText(str(s))
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
			`Functions for working with "safe strings": strings that can be displayed safely`
			`without further escaping in HTML. Marking something as a "safe string" means`
			`that the producer of the string has already turned characters that should not`
			`be interpreted by the HTML engine (e.g. '<') into the appropriate entities.`
			`"""`
Fixed #24046 -- Deprecated the "escape" half of utils.safestring. 2016-05-11 00:46:47 +08:00
Refs #23919 -- Removed usage of obsolete SafeBytes class The class will be removed as part of #27753. Thanks Tim Graham for the review. 2017-01-26 16:37:07 +08:00			`from django.utils.functional import Promise, wraps`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00
More attacking E302 violators 2013-11-03 04:12:09 +08:00
Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 15:39:46 +08:00			`class SafeData:`
Fixed #7261 -- support for __html__ for library interoperability The idea is that if an object implements __html__ which returns a string this is used as HTML representation (eg: on escaping). If the object is a str or unicode subclass and returns itself the object is a safe string type. This is an updated patch based on jbalogh and ivank patches. 2013-10-15 06:40:52 +08:00			`def __html__(self):`
			`"""`
Refs #27656 -- Updated django.utils docstring verbs according to PEP 257. 2017-01-25 04:32:33 +08:00			`Return the html representation of a string for interoperability.`
Fixed #7261 -- support for __html__ for library interoperability The idea is that if an object implements __html__ which returns a string this is used as HTML representation (eg: on escaping). If the object is a str or unicode subclass and returns itself the object is a safe string type. This is an updated patch based on jbalogh and ivank patches. 2013-10-15 06:40:52 +08:00
Fixed #23831 -- Supported strings escaped by third-party libs in Django. Refs #7261 -- Made strings escaped by Django usable in third-party libs. The changes in mark_safe and mark_for_escaping are straightforward. The more tricky part is to handle correctly objects that implement __html__. Historically escape() has escaped SafeData. Even if that doesn't seem a good behavior, changing it would create security concerns. Therefore support for __html__() was only added to conditional_escape() where this concern doesn't exist. Then using conditional_escape() instead of escape() in the Django template engine makes it understand data escaped by other libraries. Template filter \|escape accounts for __html__() when it's available. \|force_escape forces the use of Django's HTML escaping implementation. Here's why the change in render_value_in_context() is safe. Before Django 1.7 conditional_escape() was implemented as follows: if isinstance(text, SafeData): return text else: return escape(text) render_value_in_context() never called escape() on SafeData. Therefore replacing escape() with conditional_escape() doesn't change the autoescaping logic as it was originally intended. This change should be backported to Django 1.7 because it corrects a feature added in Django 1.7. Thanks mitsuhiko for the report. 2014-12-24 05:29:01 +08:00			`This allows other template engines to understand Django's SafeData.`
Fixed #7261 -- support for __html__ for library interoperability The idea is that if an object implements __html__ which returns a string this is used as HTML representation (eg: on escaping). If the object is a str or unicode subclass and returns itself the object is a safe string type. This is an updated patch based on jbalogh and ivank patches. 2013-10-15 06:40:52 +08:00			`"""`
			`return self`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00
Correct flake8 E302 violations 2013-11-03 07:53:29 +08:00
[py3] Ported django.utils.safestring. Backwards compatibility aliases were created under Python 2. 2012-08-18 22:04:06 +08:00			`class SafeBytes(bytes, SafeData):`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
[py3] Ported django.utils.safestring. Backwards compatibility aliases were created under Python 2. 2012-08-18 22:04:06 +08:00			`A bytes subclass that has been specifically marked as "safe" (requires no`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`further escaping) for HTML output purposes.`
Refs #23919 -- Removed usage of obsolete SafeBytes class The class will be removed as part of #27753. Thanks Tim Graham for the review. 2017-01-26 16:37:07 +08:00
			`Kept in Django 2.0 for usage by apps supporting Python 2. Shouldn't be used`
			`in Django anymore.`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
			`def __add__(self, rhs):`
			`"""`
[py3] Ported django.utils.safestring. Backwards compatibility aliases were created under Python 2. 2012-08-18 22:04:06 +08:00			`Concatenating a safe byte string with another safe byte string or safe`
Refs #23919, #27778 -- Removed obsolete mentions of unicode. 2017-01-21 05:04:05 +08:00			`string is safe. Otherwise, the result is no longer safe.`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-21 21:13:44 +08:00			`t = super().__add__(rhs)`
[py3] Ported django.utils.safestring. Backwards compatibility aliases were created under Python 2. 2012-08-18 22:04:06 +08:00			`if isinstance(rhs, SafeText):`
			`return SafeText(t)`
			`elif isinstance(rhs, SafeBytes):`
			`return SafeBytes(t)`
Fixed #6071 -- Fixed another infinite recursion problem in SafeString and SafeUnicode. Thanks, Trey Long. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6845 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-12-03 04:17:10 +08:00			`return t`
[py3] Replaced unicode/str by six.text_type/bytes. 2012-07-20 20:48:51 +08:00
Correct flake8 E302 violations 2013-11-03 07:53:29 +08:00
Refs #23919 -- Removed six.<various>_types usage Thanks Tim Graham and Simon Charette for the reviews. 2016-12-29 23:27:49 +08:00			`class SafeText(str, SafeData):`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
Refs #23919 -- Removed six.<various>_types usage Thanks Tim Graham and Simon Charette for the reviews. 2016-12-29 23:27:49 +08:00			`A str subclass that has been specifically marked as "safe" for HTML output`
			`purposes.`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
			`def __add__(self, rhs):`
			`"""`
Refs #23919, #27778 -- Removed obsolete mentions of unicode. 2017-01-21 05:04:05 +08:00			`Concatenating a safe string with another safe byte string or`
			`safe string is safe. Otherwise, the result is no longer safe.`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-21 21:13:44 +08:00			`t = super().__add__(rhs)`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`if isinstance(rhs, SafeData):`
[py3] Ported django.utils.safestring. Backwards compatibility aliases were created under Python 2. 2012-08-18 22:04:06 +08:00			`return SafeText(t)`
Fixed #6071 -- Fixed another infinite recursion problem in SafeString and SafeUnicode. Thanks, Trey Long. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6845 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-12-03 04:17:10 +08:00			`return t`
[py3] Replaced unicode/str by six.text_type/bytes. 2012-07-20 20:48:51 +08:00
Refs #27795 -- Prevented SafeText from losing safe status on str() This will allow to replace force_text() by str() in several places (as one of the features of force_text is to keep the safe status). 2017-01-31 02:15:59 +08:00			`def __str__(self):`
			`return self`

Fixed E305 flake8 warnings. 2016-11-13 01:11:23 +08:00
Refs #23919 -- Removed six.PY2/PY3 usage Thanks Tim Graham for the review. 2016-12-01 18:38:01 +08:00			`SafeString = SafeText`
[py3] Ported django.utils.safestring. Backwards compatibility aliases were created under Python 2. 2012-08-18 22:04:06 +08:00
Correct flake8 E302 violations 2013-11-03 07:53:29 +08:00
Fixed #10107 -- Allowed using mark_safe() as a decorator. Thanks ArcTanSusan for the initial patch. 2016-06-03 05:11:43 +08:00			`def _safety_decorator(safety_marker, func):`
			`@wraps(func)`
			`def wrapped(args, *kwargs):`
			`return safety_marker(func(args, *kwargs))`
			`return wrapped`


Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`def mark_safe(s):`
			`"""`
			`Explicitly mark a string as safe for (HTML) output purposes. The returned`
Refs #23919 -- Removed unneeded str() calls 2017-01-20 17:20:53 +08:00			`object can be used everywhere a string is appropriate.`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00
Fixed #10107 -- Allowed using mark_safe() as a decorator. Thanks ArcTanSusan for the initial patch. 2016-06-03 05:11:43 +08:00			`If used on a method as a decorator, mark the returned data as safe.`

Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`Can be called multiple times on a single string.`
			`"""`
Fixed #23831 -- Supported strings escaped by third-party libs in Django. Refs #7261 -- Made strings escaped by Django usable in third-party libs. The changes in mark_safe and mark_for_escaping are straightforward. The more tricky part is to handle correctly objects that implement __html__. Historically escape() has escaped SafeData. Even if that doesn't seem a good behavior, changing it would create security concerns. Therefore support for __html__() was only added to conditional_escape() where this concern doesn't exist. Then using conditional_escape() instead of escape() in the Django template engine makes it understand data escaped by other libraries. Template filter \|escape accounts for __html__() when it's available. \|force_escape forces the use of Django's HTML escaping implementation. Here's why the change in render_value_in_context() is safe. Before Django 1.7 conditional_escape() was implemented as follows: if isinstance(text, SafeData): return text else: return escape(text) render_value_in_context() never called escape() on SafeData. Therefore replacing escape() with conditional_escape() doesn't change the autoescaping logic as it was originally intended. This change should be backported to Django 1.7 because it corrects a feature added in Django 1.7. Thanks mitsuhiko for the report. 2014-12-24 05:29:01 +08:00			`if hasattr(s, '__html__'):`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`return s`
Refs #23919 -- Removed six.<various>_types usage Thanks Tim Graham and Simon Charette for the reviews. 2016-12-29 23:27:49 +08:00			`if isinstance(s, (str, Promise)):`
[py3] Ported django.utils.safestring. Backwards compatibility aliases were created under Python 2. 2012-08-18 22:04:06 +08:00			`return SafeText(s)`
Fixed #10107 -- Allowed using mark_safe() as a decorator. Thanks ArcTanSusan for the initial patch. 2016-06-03 05:11:43 +08:00			`if callable(s):`
			`return _safety_decorator(mark_safe, s)`
Refs #23919 -- Removed usage of obsolete SafeBytes class The class will be removed as part of #27753. Thanks Tim Graham for the review. 2017-01-26 16:37:07 +08:00			`return SafeText(str(s))`