django1/django/utils/safestring.py

"""
Functions for working with "safe strings": strings that can be displayed safely
without further escaping in HTML. Marking something as a "safe string" means
that the producer of the string has already turned characters that should not
be interpreted by the HTML engine (e.g. '<') into the appropriate entities.
"""

from functools import wraps


class SafeData:
    __slots__ = ()

    def __html__(self):
        """
        Return the html representation of a string for interoperability.

        This allows other template engines to understand Django's SafeData.
        """
        return self


class SafeString(str, SafeData):
    """
    A str subclass that has been specifically marked as "safe" for HTML output
    purposes.
    """

    __slots__ = ()

    def __add__(self, rhs):
        """
        Concatenating a safe string with another safe bytestring or
        safe string is safe. Otherwise, the result is no longer safe.
        """
        t = super().__add__(rhs)
        if isinstance(rhs, SafeData):
            return SafeString(t)
        return t

    def __str__(self):
        return self


SafeText = SafeString  # For backwards compatibility since Django 2.0.


def _safety_decorator(safety_marker, func):
    @wraps(func)
    def wrapped(*args, **kwargs):
        return safety_marker(func(*args, **kwargs))

    return wrapped


def mark_safe(s):
    """
    Explicitly mark a string as safe for (HTML) output purposes. The returned
    object can be used everywhere a string is appropriate.

    If used on a method as a decorator, mark the returned data as safe.

    Can be called multiple times on a single string.
    """
    if hasattr(s, "__html__"):
        return s
    if callable(s):
        return _safety_decorator(mark_safe, s)
    return SafeString(s)
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
			`Functions for working with "safe strings": strings that can be displayed safely`
			`without further escaping in HTML. Marking something as a "safe string" means`
			`that the producer of the string has already turned characters that should not`
			`be interpreted by the HTML engine (e.g. '<') into the appropriate entities.`
			`"""`
Fixed #24046 -- Deprecated the "escape" half of utils.safestring. 2016-05-11 00:46:47 +08:00
Fixed outdated import in django/utils/safestring.py. The backported version of functools.wraps was removed in 13864703bc1d5dd4dac63c96c6a4b42a392bc57f. 2019-12-06 16:31:33 +08:00			`from functools import wraps`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00
More attacking E302 violators 2013-11-03 04:12:09 +08:00
Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 15:39:46 +08:00			`class SafeData:`
Fixed #33465 -- Added empty __slots__ to SafeString and SafeData. Despite inheriting from the str type, every SafeString instance gains an empty __dict__ due to the normal, expected behaviour of type subclassing in Python. Adding __slots__ to SafeData is necessary, because otherwise inheriting from that (as SafeString does) will give it a __dict__ and negate the benefit added by modifying SafeString. 2022-01-25 17:53:03 +08:00			`__slots__ = ()`

Fixed #7261 -- support for __html__ for library interoperability The idea is that if an object implements __html__ which returns a string this is used as HTML representation (eg: on escaping). If the object is a str or unicode subclass and returns itself the object is a safe string type. This is an updated patch based on jbalogh and ivank patches. 2013-10-15 06:40:52 +08:00			`def __html__(self):`
			`"""`
Refs #27656 -- Updated django.utils docstring verbs according to PEP 257. 2017-01-25 04:32:33 +08:00			`Return the html representation of a string for interoperability.`
Fixed #7261 -- support for __html__ for library interoperability The idea is that if an object implements __html__ which returns a string this is used as HTML representation (eg: on escaping). If the object is a str or unicode subclass and returns itself the object is a safe string type. This is an updated patch based on jbalogh and ivank patches. 2013-10-15 06:40:52 +08:00
Fixed #23831 -- Supported strings escaped by third-party libs in Django. Refs #7261 -- Made strings escaped by Django usable in third-party libs. The changes in mark_safe and mark_for_escaping are straightforward. The more tricky part is to handle correctly objects that implement __html__. Historically escape() has escaped SafeData. Even if that doesn't seem a good behavior, changing it would create security concerns. Therefore support for __html__() was only added to conditional_escape() where this concern doesn't exist. Then using conditional_escape() instead of escape() in the Django template engine makes it understand data escaped by other libraries. Template filter \|escape accounts for __html__() when it's available. \|force_escape forces the use of Django's HTML escaping implementation. Here's why the change in render_value_in_context() is safe. Before Django 1.7 conditional_escape() was implemented as follows: if isinstance(text, SafeData): return text else: return escape(text) render_value_in_context() never called escape() on SafeData. Therefore replacing escape() with conditional_escape() doesn't change the autoescaping logic as it was originally intended. This change should be backported to Django 1.7 because it corrects a feature added in Django 1.7. Thanks mitsuhiko for the report. 2014-12-24 05:29:01 +08:00			`This allows other template engines to understand Django's SafeData.`
Fixed #7261 -- support for __html__ for library interoperability The idea is that if an object implements __html__ which returns a string this is used as HTML representation (eg: on escaping). If the object is a str or unicode subclass and returns itself the object is a safe string type. This is an updated patch based on jbalogh and ivank patches. 2013-10-15 06:40:52 +08:00			`"""`
			`return self`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00
Correct flake8 E302 violations 2013-11-03 07:53:29 +08:00
Refs #27753 -- Favored SafeString over SafeText. 2019-02-05 22:38:29 +08:00			`class SafeString(str, SafeData):`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
Refs #23919 -- Removed six.<various>_types usage Thanks Tim Graham and Simon Charette for the reviews. 2016-12-29 23:27:49 +08:00			`A str subclass that has been specifically marked as "safe" for HTML output`
			`purposes.`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
Fixed #33465 -- Added empty __slots__ to SafeString and SafeData. Despite inheriting from the str type, every SafeString instance gains an empty __dict__ due to the normal, expected behaviour of type subclassing in Python. Adding __slots__ to SafeData is necessary, because otherwise inheriting from that (as SafeString does) will give it a __dict__ and negate the benefit added by modifying SafeString. 2022-01-25 17:53:03 +08:00
			`__slots__ = ()`

Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`def __add__(self, rhs):`
			`"""`
Fixed "byte string" typo in various docs and comments. 2019-03-27 19:15:53 +08:00			`Concatenating a safe string with another safe bytestring or`
Refs #23919, #27778 -- Removed obsolete mentions of unicode. 2017-01-21 05:04:05 +08:00			`safe string is safe. Otherwise, the result is no longer safe.`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`"""`
Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-21 21:13:44 +08:00			`t = super().__add__(rhs)`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`if isinstance(rhs, SafeData):`
Refs #27753 -- Favored SafeString over SafeText. 2019-02-05 22:38:29 +08:00			`return SafeString(t)`
Fixed #6071 -- Fixed another infinite recursion problem in SafeString and SafeUnicode. Thanks, Trey Long. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6845 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-12-03 04:17:10 +08:00			`return t`
[py3] Replaced unicode/str by six.text_type/bytes. 2012-07-20 20:48:51 +08:00
Refs #27795 -- Prevented SafeText from losing safe status on str() This will allow to replace force_text() by str() in several places (as one of the features of force_text is to keep the safe status). 2017-01-31 02:15:59 +08:00			`def __str__(self):`
			`return self`

Fixed E305 flake8 warnings. 2016-11-13 01:11:23 +08:00
Refs #27753 -- Favored SafeString over SafeText. 2019-02-05 22:38:29 +08:00			`SafeText = SafeString # For backwards compatibility since Django 2.0.`
[py3] Ported django.utils.safestring. Backwards compatibility aliases were created under Python 2. 2012-08-18 22:04:06 +08:00
Correct flake8 E302 violations 2013-11-03 07:53:29 +08:00
Fixed #10107 -- Allowed using mark_safe() as a decorator. Thanks ArcTanSusan for the initial patch. 2016-06-03 05:11:43 +08:00			`def _safety_decorator(safety_marker, func):`
			`@wraps(func)`
			`def wrapped(args, *kwargs):`
			`return safety_marker(func(args, *kwargs))`
Refs #33476 -- Reformatted code with Black. 2022-02-04 03:24:19 +08:00
Fixed #10107 -- Allowed using mark_safe() as a decorator. Thanks ArcTanSusan for the initial patch. 2016-06-03 05:11:43 +08:00			`return wrapped`


Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`def mark_safe(s):`
			`"""`
			`Explicitly mark a string as safe for (HTML) output purposes. The returned`
Refs #23919 -- Removed unneeded str() calls 2017-01-20 17:20:53 +08:00			`object can be used everywhere a string is appropriate.`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00
Fixed #10107 -- Allowed using mark_safe() as a decorator. Thanks ArcTanSusan for the initial patch. 2016-06-03 05:11:43 +08:00			`If used on a method as a decorator, mark the returned data as safe.`

Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`Can be called multiple times on a single string.`
			`"""`
Fixed #23831 -- Supported strings escaped by third-party libs in Django. Refs #7261 -- Made strings escaped by Django usable in third-party libs. The changes in mark_safe and mark_for_escaping are straightforward. The more tricky part is to handle correctly objects that implement __html__. Historically escape() has escaped SafeData. Even if that doesn't seem a good behavior, changing it would create security concerns. Therefore support for __html__() was only added to conditional_escape() where this concern doesn't exist. Then using conditional_escape() instead of escape() in the Django template engine makes it understand data escaped by other libraries. Template filter \|escape accounts for __html__() when it's available. \|force_escape forces the use of Django's HTML escaping implementation. Here's why the change in render_value_in_context() is safe. Before Django 1.7 conditional_escape() was implemented as follows: if isinstance(text, SafeData): return text else: return escape(text) render_value_in_context() never called escape() on SafeData. Therefore replacing escape() with conditional_escape() doesn't change the autoescaping logic as it was originally intended. This change should be backported to Django 1.7 because it corrects a feature added in Django 1.7. Thanks mitsuhiko for the report. 2014-12-24 05:29:01 +08:00			`if hasattr(s, "__html__"):`
Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359 See documentation in templates.txt and templates_python.txt for how everything works. Backwards incompatible if you're inserting raw HTML output via template variables. Based on an original design from Simon Willison and with debugging help from Michael Radziej. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-11-14 20:58:53 +08:00			`return s`
Fixed #10107 -- Allowed using mark_safe() as a decorator. Thanks ArcTanSusan for the initial patch. 2016-06-03 05:11:43 +08:00			`if callable(s):`
			`return _safety_decorator(mark_safe, s)`
Refs #27753 -- Favored SafeString over SafeText. 2019-02-05 22:38:29 +08:00			`return SafeString(s)`