[1.1.X] Fixed #6752 -- Corrected the interaction of the safe template filter with other filters. Thanks to Rupe and Alex Gaynor for their work on the patch.

Backport of r13171 from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@13177 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-09 06:51:07 +00:00 · 2010-05-09 06:51:07 +00:00 · c772e39d34
parent 2ee73c2f4e
commit c772e39d34
1 changed files with 10 additions and 0 deletions
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@ -1477,6 +1477,16 @@ safe
 Marks a string as not requiring further HTML escaping prior to output. When
 autoescaping is off, this filter has no effect.

+.. note::
+
+    If you are chaining filters, a filter applied after ``safe`` can
+    make the contents unsafe again. For example, the following code
+    prints the variable as is, unescaped:
+
+    .. code-block:: html+django
+
+        {{ var|safe|escape }}
+
 .. templatefilter:: safeseq

 safeseq