From 8dd04fd84b4f69c4326e120c301d49a6c00e8e64 Mon Sep 17 00:00:00 2001 From: Claude Paroz Date: Sat, 7 Apr 2012 15:16:11 +0000 Subject: [PATCH] Fixed #15683 -- Prevented escaped string to be needlessly marked safe twice in force_escape filter. Thanks tyrion for the initial patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17876 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- django/template/defaultfilters.py | 2 +- tests/regressiontests/defaultfilters/tests.py | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/django/template/defaultfilters.py b/django/template/defaultfilters.py index f93e799535..3efb73cf96 100644 --- a/django/template/defaultfilters.py +++ b/django/template/defaultfilters.py @@ -419,7 +419,7 @@ def force_escape(value): characters (as opposed to "escape", which marks the content for later possible escaping). """ - return mark_safe(escape(value)) + return escape(value) @register.filter("linebreaks", is_safe=True, needs_autoescape=True) @stringfilter diff --git a/tests/regressiontests/defaultfilters/tests.py b/tests/regressiontests/defaultfilters/tests.py index 38e44d4869..88389be017 100644 --- a/tests/regressiontests/defaultfilters/tests.py +++ b/tests/regressiontests/defaultfilters/tests.py @@ -6,6 +6,7 @@ import decimal from django.template.defaultfilters import * from django.test import TestCase from django.utils import unittest, translation +from django.utils.safestring import SafeData class DefaultFiltersTests(TestCase): @@ -328,9 +329,10 @@ class DefaultFiltersTests(TestCase): u'a string to be mangled') def test_force_escape(self): + escaped = force_escape(u' here') self.assertEqual( - force_escape(u' here'), - u'<some html & special characters > here') + escaped, u'<some html & special characters > here') + self.assertTrue(isinstance(escaped, SafeData)) self.assertEqual( force_escape(u' here ĐÅ€£'), u'<some html & special characters > here'\