Fixed #13114 -- Modified escapejs to produce output that is JSON compliant. Thanks to David Danier for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12780 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Russell Keith-Magee
parent
4dfe6190fa
commit
beca4b8109
|
|
@ -69,22 +69,22 @@ capfirst.is_safe=True
|
||||||
capfirst = stringfilter(capfirst)
|
capfirst = stringfilter(capfirst)
|
||||||
|
|
||||||
_base_js_escapes = (
|
_base_js_escapes = (
|
||||||
('\\', r'\x5C'),
|
('\\', r'\u005C'),
|
||||||
('\'', r'\x27'),
|
('\'', r'\u0027'),
|
||||||
('"', r'\x22'),
|
('"', r'\u0022'),
|
||||||
('>', r'\x3E'),
|
('>', r'\u003E'),
|
||||||
('<', r'\x3C'),
|
('<', r'\u003C'),
|
||||||
('&', r'\x26'),
|
('&', r'\u0026'),
|
||||||
('=', r'\x3D'),
|
('=', r'\u003D'),
|
||||||
('-', r'\x2D'),
|
('-', r'\u002D'),
|
||||||
(';', r'\x3B'),
|
(';', r'\u003B'),
|
||||||
(u'\u2028', r'\u2028'),
|
(u'\u2028', r'\u2028'),
|
||||||
(u'\u2029', r'\u2029')
|
(u'\u2029', r'\u2029')
|
||||||
)
|
)
|
||||||
|
|
||||||
# Escape every ASCII character with a value less than 32.
|
# Escape every ASCII character with a value less than 32.
|
||||||
_js_escapes = (_base_js_escapes +
|
_js_escapes = (_base_js_escapes +
|
||||||
tuple([('%c' % z, '\\x%02X' % z) for z in range(32)]))
|
tuple([('%c' % z, '\\u%04X' % z) for z in range(32)]))
|
||||||
|
|
||||||
def escapejs(value):
|
def escapejs(value):
|
||||||
"""Hex encodes characters for use in JavaScript strings."""
|
"""Hex encodes characters for use in JavaScript strings."""
|
||||||
|
|
|
||||||
|
|
@ -906,8 +906,8 @@ use keyword syntax::
|
||||||
|
|
||||||
{% url path.to.some_view arg1=v1,arg2=v2 %}
|
{% url path.to.some_view arg1=v1,arg2=v2 %}
|
||||||
|
|
||||||
Do not mix both positional and keyword syntax in a single call. All arguments
|
Do not mix both positional and keyword syntax in a single call. All arguments
|
||||||
required by the URLconf should be present.
|
required by the URLconf should be present.
|
||||||
|
|
||||||
For example, suppose you have a view, ``app_views.client``, whose URLconf
|
For example, suppose you have a view, ``app_views.client``, whose URLconf
|
||||||
takes a client ID (here, ``client()`` is a method inside the views file
|
takes a client ID (here, ``client()`` is a method inside the views file
|
||||||
|
|
@ -1262,7 +1262,7 @@ For example::
|
||||||
{{ value|escapejs }}
|
{{ value|escapejs }}
|
||||||
|
|
||||||
If ``value`` is ``"testing\r\njavascript \'string" <b>escaping</b>"``,
|
If ``value`` is ``"testing\r\njavascript \'string" <b>escaping</b>"``,
|
||||||
the output will be ``"testing\\x0D\\x0Ajavascript \\x27string\\x22 \\x3Cb\\x3Eescaping\\x3C/b\\x3E"``.
|
the output will be ``"testing\\u000D\\u000Ajavascript \\u0027string\\u0022 \\u003Cb\\u003Eescaping\\u003C/b\\u003E"``.
|
||||||
|
|
||||||
.. templatefilter:: filesizeformat
|
.. templatefilter:: filesizeformat
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -72,16 +72,16 @@ u'\\\\ : backslashes, too'
|
||||||
u'Hello world'
|
u'Hello world'
|
||||||
|
|
||||||
>>> escapejs(u'"double quotes" and \'single quotes\'')
|
>>> escapejs(u'"double quotes" and \'single quotes\'')
|
||||||
u'\\x22double quotes\\x22 and \\x27single quotes\\x27'
|
u'\\u0022double quotes\\u0022 and \\u0027single quotes\\u0027'
|
||||||
|
|
||||||
>>> escapejs(ur'\ : backslashes, too')
|
>>> escapejs(ur'\ : backslashes, too')
|
||||||
u'\\x5C : backslashes, too'
|
u'\\u005C : backslashes, too'
|
||||||
|
|
||||||
>>> escapejs(u'and lots of whitespace: \r\n\t\v\f\b')
|
>>> escapejs(u'and lots of whitespace: \r\n\t\v\f\b')
|
||||||
u'and lots of whitespace: \\x0D\\x0A\\x09\\x0B\\x0C\\x08'
|
u'and lots of whitespace: \\u000D\\u000A\\u0009\\u000B\\u000C\\u0008'
|
||||||
|
|
||||||
>>> escapejs(ur'<script>and this</script>')
|
>>> escapejs(ur'<script>and this</script>')
|
||||||
u'\\x3Cscript\\x3Eand this\\x3C/script\\x3E'
|
u'\\u003Cscript\\u003Eand this\\u003C/script\\u003E'
|
||||||
|
|
||||||
>>> escapejs(u'paragraph separator:\u2029and line separator:\u2028')
|
>>> escapejs(u'paragraph separator:\u2029and line separator:\u2028')
|
||||||
u'paragraph separator:\\u2029and line separator:\\u2028'
|
u'paragraph separator:\\u2029and line separator:\\u2028'
|
||||||
|
|
|
||||||
|
|
@ -295,8 +295,8 @@ def get_filter_tests():
|
||||||
'autoescape-stringfilter03': (r'{{ safe|capfirst }}', {'safe': SafeClass()}, 'You > me'),
|
'autoescape-stringfilter03': (r'{{ safe|capfirst }}', {'safe': SafeClass()}, 'You > me'),
|
||||||
'autoescape-stringfilter04': (r'{% autoescape off %}{{ safe|capfirst }}{% endautoescape %}', {'safe': SafeClass()}, 'You > me'),
|
'autoescape-stringfilter04': (r'{% autoescape off %}{{ safe|capfirst }}{% endautoescape %}', {'safe': SafeClass()}, 'You > me'),
|
||||||
|
|
||||||
'escapejs01': (r'{{ a|escapejs }}', {'a': 'testing\r\njavascript \'string" <b>escaping</b>'}, 'testing\\x0D\\x0Ajavascript \\x27string\\x22 \\x3Cb\\x3Eescaping\\x3C/b\\x3E'),
|
'escapejs01': (r'{{ a|escapejs }}', {'a': 'testing\r\njavascript \'string" <b>escaping</b>'}, 'testing\\u000D\\u000Ajavascript \\u0027string\\u0022 \\u003Cb\\u003Eescaping\\u003C/b\\u003E'),
|
||||||
'escapejs02': (r'{% autoescape off %}{{ a|escapejs }}{% endautoescape %}', {'a': 'testing\r\njavascript \'string" <b>escaping</b>'}, 'testing\\x0D\\x0Ajavascript \\x27string\\x22 \\x3Cb\\x3Eescaping\\x3C/b\\x3E'),
|
'escapejs02': (r'{% autoescape off %}{{ a|escapejs }}{% endautoescape %}', {'a': 'testing\r\njavascript \'string" <b>escaping</b>'}, 'testing\\u000D\\u000Ajavascript \\u0027string\\u0022 \\u003Cb\\u003Eescaping\\u003C/b\\u003E'),
|
||||||
|
|
||||||
|
|
||||||
# length filter.
|
# length filter.
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue