Fixed #27803 -- Kept safe status of lazy safe strings in conditional_escape

django/utils/html.py

@@ -6,7 +6,7 @@ from urllib.parse import (
 )
 
 from django.utils.encoding import force_text
-from django.utils.functional import keep_lazy, keep_lazy_text
+from django.utils.functional import Promise, keep_lazy, keep_lazy_text
 from django.utils.http import RFC3986_GENDELIMS, RFC3986_SUBDELIMS
 from django.utils.safestring import SafeData, SafeText, mark_safe
 from django.utils.text import normalize_newlines
@@ -79,6 +79,8 @@ def conditional_escape(text):
     This function relies on the __html__ convention used both by Django's
     SafeData class and by third-party libraries like markupsafe.
     """
+    if isinstance(text, Promise):
+        text = str(text)
     if hasattr(text, '__html__'):
         return text.__html__()
     else:

tests/utils_tests/test_html.py

@@ -170,6 +170,7 @@ class TestUtilsHtml(SimpleTestCase):
         s = '<h1>interop</h1>'
         self.assertEqual(conditional_escape(s), '&lt;h1&gt;interop&lt;/h1&gt;')
         self.assertEqual(conditional_escape(mark_safe(s)), s)
+        self.assertEqual(conditional_escape(lazystr(mark_safe(s))), s)
 
     def test_html_safe(self):
         @html_safe