Rewrapped TemplateSyntaxError in Jinja2 backend.
Changed import style to avoid confusion between Django's and Jinja2's APIs.
This commit is contained in:
parent
4c413e231c
commit
71b7668b75
|
@ -4,12 +4,11 @@ from __future__ import absolute_import
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.template import TemplateDoesNotExist
|
from django.template import TemplateDoesNotExist, TemplateSyntaxError
|
||||||
from django.utils import six
|
from django.utils import six
|
||||||
from django.utils.module_loading import import_string
|
from django.utils.module_loading import import_string
|
||||||
|
|
||||||
from jinja2 import (
|
import jinja2
|
||||||
DebugUndefined, FileSystemLoader, TemplateNotFound, Undefined)
|
|
||||||
|
|
||||||
from .base import BaseEngine
|
from .base import BaseEngine
|
||||||
from .utils import csrf_input_lazy, csrf_token_lazy
|
from .utils import csrf_input_lazy, csrf_token_lazy
|
||||||
|
@ -28,10 +27,10 @@ class Jinja2(BaseEngine):
|
||||||
environment_cls = import_string(environment)
|
environment_cls = import_string(environment)
|
||||||
|
|
||||||
options.setdefault('autoescape', True)
|
options.setdefault('autoescape', True)
|
||||||
options.setdefault('loader', FileSystemLoader(self.template_dirs))
|
options.setdefault('loader', jinja2.FileSystemLoader(self.template_dirs))
|
||||||
options.setdefault('auto_reload', settings.DEBUG)
|
options.setdefault('auto_reload', settings.DEBUG)
|
||||||
options.setdefault('undefined',
|
options.setdefault('undefined',
|
||||||
DebugUndefined if settings.DEBUG else Undefined)
|
jinja2.DebugUndefined if settings.DEBUG else jinja2.Undefined)
|
||||||
|
|
||||||
self.env = environment_cls(**options)
|
self.env = environment_cls(**options)
|
||||||
|
|
||||||
|
@ -41,9 +40,12 @@ class Jinja2(BaseEngine):
|
||||||
def get_template(self, template_name):
|
def get_template(self, template_name):
|
||||||
try:
|
try:
|
||||||
return Template(self.env.get_template(template_name))
|
return Template(self.env.get_template(template_name))
|
||||||
except TemplateNotFound as exc:
|
except jinja2.TemplateNotFound as exc:
|
||||||
six.reraise(TemplateDoesNotExist, TemplateDoesNotExist(exc.args),
|
six.reraise(TemplateDoesNotExist, TemplateDoesNotExist(exc.args),
|
||||||
sys.exc_info()[2])
|
sys.exc_info()[2])
|
||||||
|
except jinja2.TemplateSyntaxError as exc:
|
||||||
|
six.reraise(TemplateSyntaxError, TemplateSyntaxError(exc.args),
|
||||||
|
sys.exc_info()[2])
|
||||||
|
|
||||||
|
|
||||||
class Template(object):
|
class Template(object):
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
{% block %}
|
|
@ -0,0 +1 @@
|
||||||
|
{% block %}
|
|
@ -4,7 +4,7 @@ from __future__ import unicode_literals
|
||||||
|
|
||||||
from django.http import HttpRequest
|
from django.http import HttpRequest
|
||||||
from django.middleware.csrf import CsrfViewMiddleware, get_token
|
from django.middleware.csrf import CsrfViewMiddleware, get_token
|
||||||
from django.template import TemplateDoesNotExist
|
from django.template import TemplateDoesNotExist, TemplateSyntaxError
|
||||||
from django.template.backends.dummy import TemplateStrings
|
from django.template.backends.dummy import TemplateStrings
|
||||||
from django.test import SimpleTestCase
|
from django.test import SimpleTestCase
|
||||||
|
|
||||||
|
@ -39,6 +39,14 @@ class TemplateStringsTests(SimpleTestCase):
|
||||||
with self.assertRaises(TemplateDoesNotExist):
|
with self.assertRaises(TemplateDoesNotExist):
|
||||||
self.engine.get_template('template_backends/non_existing.html')
|
self.engine.get_template('template_backends/non_existing.html')
|
||||||
|
|
||||||
|
def test_get_template_syntax_error(self):
|
||||||
|
# There's no way to trigger a syntax error with the dummy backend.
|
||||||
|
# The test still lives here to factor it between other backends.
|
||||||
|
if self.backend_name == 'dummy':
|
||||||
|
return
|
||||||
|
with self.assertRaises(TemplateSyntaxError):
|
||||||
|
self.engine.get_template('template_backends/syntax_error.html')
|
||||||
|
|
||||||
def test_html_escaping(self):
|
def test_html_escaping(self):
|
||||||
template = self.engine.get_template('template_backends/hello.html')
|
template = self.engine.get_template('template_backends/hello.html')
|
||||||
context = {'name': '<script>alert("XSS!");</script>'}
|
context = {'name': '<script>alert("XSS!");</script>'}
|
||||||
|
|
Loading…
Reference in New Issue