[1.6.x] Fixed #21316 -- Documented that modifying safe strings makes them unsafe.

Thanks dev@simon.net.nz for the suggestion and vijay_shanker for the patch. Backport of 1edef50880 from master
2013-10-30 08:11:31 -04:00 · 2013-10-30 08:11:31 -04:00 · da0c7723fa
parent aa645d20df
commit da0c7723fa
1 changed files with 11 additions and 0 deletions
--- a/docs/ref/utils.txt
+++ b/docs/ref/utils.txt
@ -790,6 +790,17 @@ appropriate entities.

    Can be called multiple times on a single string.

+    String marked safe will become unsafe again if modified. For example::
+
+        >>> mystr = '<b>Hello World</b>   '
+        >>> mystr = mark_safe(mystr)
+        >>> type(mystr)
+        <class 'django.utils.safestring.SafeBytes'>
+
+        >>> mystr = mystr.strip()  # removing whitespace
+        >>> type(mystr)
+        <type 'str'>
+
 .. function:: mark_for_escaping(s)

    Explicitly mark a string as requiring HTML escaping upon output. Has no