Commit Graph

580 Commits

Author SHA1 Message Date
Preston Timmons ad9ecc2c20 Removed unnecessary __init__ definition from DebugLexer. 2015-02-16 19:00:02 +01:00
Aymeric Augustin 15b711b5ee Deprecated TEMPLATE_DEBUG setting. 2015-02-15 20:47:04 +01:00
Aymeric Augustin 47ee7b48ad Fixed #24338 -- Accepted Template wrapper in {% extends %}.
Explicitly checking for django.template.Template subclasses is
preferrable to duck-typing because both the django.template.Template and
django.template.backends.django.Template have a render() method.

Thanks spectras for the report.
2015-02-14 10:21:06 +01:00
Aymeric Augustin f2c104ada6 Split DTL context creation into its own function.
This reduces the length of rope RequestContext gives users to hang
themselves with.

Thanks Alex Hill for the report and Tim Graham for the review.
2015-02-10 14:34:05 +01:00
Alex Gaynor 8099d33b65 Simplified the lazy CSRF token implementation in csrf context processor.
This significantly improves performance on PyPy. The previous
implementation would generate a new class on every single request,
which is relatively slow.
2015-02-08 15:02:43 -05:00
Collin Anderson db77915c9f Fixed E265 comment style 2015-02-06 09:30:35 -05:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Aymeric Augustin 44ad691558 Fixed #24265 -- Preserved template backend loading exceptions.
If importing or initializing a template backend fails, attempting to
access this template backend again must raise the same exception.
2015-02-05 20:06:18 +01:00
Aymeric Augustin 31d3a35579 Fixed #24273 -- Allowed copying RequestContext more than once.
Thanks Collin Anderson for the report.
2015-02-05 13:21:50 +01:00
Preston Timmons 5bc5ddd8b5 Fixed #24235 -- Removed is_usable attribute from template loaders. 2015-02-04 07:47:28 -05:00
Preston Timmons cd4282816d Fixed #18651 -- Enabled optional assignments for simple_tag(). 2015-02-03 10:44:33 -05:00
Aymeric Augustin 2133f3157e Fixed #24168 -- Allowed selecting a template engine in a few APIs.
Specifically in rendering shortcuts, template responses, and class-based
views that return template responses.

Also added a test for render_to_response(status=...) which was missing
from fdbfc980.

Thanks Tim and Carl for the review.
2015-02-03 08:29:45 +01:00
David Robles d60b96d988 Fixed typo in 'Django Template Language' 2015-01-17 03:05:28 +01:00
Aymeric Augustin 79deb6a071 Accounted for multiple template engines in template responses. 2015-01-12 21:01:34 +01:00
Aymeric Augustin a3e783fe11 Deprecated passing a Context to a generic Template.render.
A deprecation path is required because the return type of
django.template.loader.get_template changed during the
multiple template engines refactor.

test_csrf_token_in_404 was incorrect: it tested the case when the
hardcoded template was rendered, and that template doesn't depend on the
CSRF token. This commit makes it test the case when a custom template is
rendered.
2015-01-12 21:01:34 +01:00
Aymeric Augustin 71b7668b75 Rewrapped TemplateSyntaxError in Jinja2 backend.
Changed import style to avoid confusion between Django's and Jinja2's
APIs.
2015-01-12 21:01:34 +01:00
Ola Sitarska d563e3be68 Fixed #23913 -- Deprecated the `=` comparison in `if` template tag. 2015-01-11 15:21:01 -05:00
Aymeric Augustin eaa1a22341 Added a request argument to render_to_string.
This is for consistency with Template.render.

It adds a little bit of knowledge about HTTP requests in
django.template.loader but I think consistency trumps purity.
2015-01-07 21:54:22 +01:00
Aymeric Augustin 118592663d Exposed Engine in the django.template namespace.
It's the main entrypoint to the refactored template system.
2015-01-07 21:54:22 +01:00
Aymeric Augustin 0cdb09d489 Made context take priority over context processors.
This is the expected behavior, but given RequestContext's tortuous
implementation, a straightforward use of its API results in the
opposite.

This commits fixes a regression that must have happened at different
points in the multiple templates engine refactor for different features.
2015-01-06 22:02:27 +01:00
Aymeric Augustin ed220c4cbe Added comments to remove Engine.render_to_string in Django 2.0.
Since this is a private API introduced in Django 1.8, no documentation
is required.
2015-01-06 22:02:26 +01:00
Preston Timmons de9ebdd39c Fixed #24022 -- Deprecated the ssi tag. 2015-01-05 19:35:02 -05:00
Aymeric Augustin 932d449f00 Explained the structure of django.template. 2014-12-28 17:02:31 +01:00
Aymeric Augustin b7282db833 Raised a warning when using the legacy TEMPLATE_* settings.
All tests now rely on TEMPLATES.
2014-12-28 17:02:31 +01:00
Aymeric Augustin 9eb4f28e89 Deprecated TEMPLATE_CONTEXT_PROCESSORS. 2014-12-28 17:02:31 +01:00
Aymeric Augustin 84d7c93feb Raised an error when allowed_include_roots is a string.
This avoids leaving projects silently vulnerable when this option is set
to a string instead of a one-item tuple containing that string, a very
common misconfiguration.
2014-12-28 17:02:29 +01:00
Aymeric Augustin cf1f36bb6e Deprecated current_app in TemplateResponse and render(_to_response). 2014-12-28 17:02:29 +01:00
Aymeric Augustin e53495ba33 Preserved context class in inclusion_tag.
Previously, when a template was rendered with RequestContext, inclusion
tags were rendered with a plain context, losing additional information
available in the RequestContext.

The (admittedly bizarre) implementation of RequestContext.new() has the
side-effect of not running template context processors, making this
change backwards-compatible.
2014-12-28 17:02:29 +01:00
Aymeric Augustin a0141f9eac Simplified implementation of django.shortcuts.render(_to_response).
*args, **kwargs brought more confusion than concision.
2014-12-28 17:00:07 +01:00
Aymeric Augustin 92e8f1f302 Moved context_processors from django.core to django.template. 2014-12-28 17:00:07 +01:00
Aymeric Augustin c599f233b1 Added a comment about the last use of Engine.get_default(). 2014-12-28 17:00:07 +01:00
Aymeric Augustin 90805b240f Supported multiple template engines in render_to_string.
Adjusted its API through a deprecation path according to the DEP.
2014-12-28 16:23:02 +01:00
Aymeric Augustin f9a6ebf6f5 Removed extraneous arguments in Engine.from_string.
This aligns the Django Template Engine API with the common template
backend API.
2014-12-28 16:23:02 +01:00
Aymeric Augustin f50a09f2cd Removed private API get_template_from_string.
It wasn't documented and it wasn't used anywhere.
2014-12-28 16:23:01 +01:00
Aymeric Augustin 5523e4cdbb Removed private API find_template.
It wasn't documented and it wasn't used anywhere, except in a few tests
that don't test it specifically and can be rewritten with get_template.
2014-12-28 16:23:01 +01:00
Aymeric Augustin 4ea43ac915 Supported multiple template engines in get_template and select_template.
This commit changes the return type of these two functions. Instead of
returning a django.template.Template they return a backend-specific
Template class that must implement render(self, context).
2014-12-28 16:23:01 +01:00
Aymeric Augustin 6854998c8f Looked up the default template engine in the list of all engines. 2014-12-28 16:23:01 +01:00
Aymeric Augustin b34b8a12b7 Passed a reference to the current engine when instantiating Template. 2014-12-28 16:23:00 +01:00
Aymeric Augustin 24dffaf0cb Removed some uses of global APIs from django.template.loader. 2014-12-28 16:23:00 +01:00
Aymeric Augustin 1eca0e95cf Added Django template backend. 2014-12-28 16:08:35 +01:00
Aymeric Augustin 44de7218a5 Added jinja2 template backend. 2014-12-28 16:08:34 +01:00
Aymeric Augustin 86c75996f0 Added dummy template backend. 2014-12-28 16:08:34 +01:00
Aymeric Augustin 1acfd624d6 Added initial support for loading template engines. 2014-12-28 16:08:31 +01:00
Aymeric Augustin b19693e6d8 Imported BaseEngine from the DEP.
i18n is left aside for now.
2014-12-28 15:57:11 +01:00
Aymeric Augustin 7eefdbf7ab Cleaned up the django.template namespace.
Since this package is going to hold both the implementation of the Django
Template Language and the infrastructure for Multiple Template Engines,
it should be untied from the DTL as much as possible within our
backwards-compatibility policy.

Only public APIs (i.e. APIs mentioned in the documentation) were left.
2014-12-28 14:47:31 +01:00
Aymeric Augustin bfa21ddf76 Renamed get_template_from_string to from_string.
The shorter name is just as explicit and, well, shorter.
2014-12-28 14:47:31 +01:00
Aymeric Augustin b3eda6ec3e Simplified handling of a default value. 2014-12-28 14:47:30 +01:00
Aymeric Augustin 6d52f6f8e6 Fixed #23831 -- Supported strings escaped by third-party libs in Django.
Refs #7261 -- Made strings escaped by Django usable in third-party libs.

The changes in mark_safe and mark_for_escaping are straightforward. The
more tricky part is to handle correctly objects that implement __html__.

Historically escape() has escaped SafeData. Even if that doesn't seem a
good behavior, changing it would create security concerns. Therefore
support for __html__() was only added to conditional_escape() where this
concern doesn't exist.

Then using conditional_escape() instead of escape() in the Django
template engine makes it understand data escaped by other libraries.

Template filter |escape accounts for __html__() when it's available.
|force_escape forces the use of Django's HTML escaping implementation.

Here's why the change in render_value_in_context() is safe. Before Django
1.7 conditional_escape() was implemented as follows:

    if isinstance(text, SafeData):
        return text
    else:
        return escape(text)

render_value_in_context() never called escape() on SafeData. Therefore
replacing escape() with conditional_escape() doesn't change the
autoescaping logic as it was originally intended.

This change should be backported to Django 1.7 because it corrects a
feature added in Django 1.7.

Thanks mitsuhiko for the report.
2014-12-27 18:02:34 +01:00
Jon Dufresne 4468c08d70 Fixed #23968 -- Replaced list comprehension with generators and dict comprehension 2014-12-08 07:58:23 -05:00
Berker Peksag 560b4207b1 Removed redundant numbered parameters from str.format().
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-12-03 14:27:38 -05:00