From 3c272792d6207147c23d93baa282c0e2e5a4f874 Mon Sep 17 00:00:00 2001 From: Malcolm Tredinnick Date: Thu, 29 Nov 2007 01:44:30 +0000 Subject: [PATCH] Added tests and a small optimisation for [6721]. Thanks SmileyChris. Fixed #6049 git-svn-id: http://code.djangoproject.com/svn/django/trunk@6729 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- django/template/defaultfilters.py | 4 ++-- tests/regressiontests/templates/filters.py | 16 ++++++++++++++++ tests/regressiontests/templates/tests.py | 7 ++++++- 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/django/template/defaultfilters.py b/django/template/defaultfilters.py index e62e2e3eaf4..ca03ff87e32 100644 --- a/django/template/defaultfilters.py +++ b/django/template/defaultfilters.py @@ -25,8 +25,8 @@ def stringfilter(func): if args: args = list(args) args[0] = force_unicode(args[0]) - if isinstance(args[0], SafeData) and getattr(func, 'is_safe', False): - return mark_safe(func(*args, **kwargs)) + if isinstance(args[0], SafeData) and getattr(func, 'is_safe', False): + return mark_safe(func(*args, **kwargs)) return func(*args, **kwargs) # Include a reference to the real function (used to check original diff --git a/tests/regressiontests/templates/filters.py b/tests/regressiontests/templates/filters.py index 2a06703948e..4175bdbe5f4 100644 --- a/tests/regressiontests/templates/filters.py +++ b/tests/regressiontests/templates/filters.py @@ -12,6 +12,15 @@ from datetime import datetime, timedelta from django.utils.tzinfo import LocalTimezone from django.utils.safestring import mark_safe +# These two classes are used to test auto-escaping of __unicode__ output. +class UnsafeClass: + def __unicode__(self): + return u'you & me' + +class SafeClass: + def __unicode__(self): + return mark_safe(u'you > me') + # RESULT SYNTAX -- # 'template_name': ('template contents', 'context dict', # 'expected string output' or Exception class) @@ -227,4 +236,11 @@ def get_filter_tests(): 'chaining12': ('{% autoescape off %}{{ a|cut:"b"|safe }}{% endautoescape %}', {"a": "a < b"}, "a < "), 'chaining13': ('{{ a|safe|force_escape }}', {"a": "a < b"}, "a < b"), 'chaining14': ('{% autoescape off %}{{ a|safe|force_escape }}{% endautoescape %}', {"a": "a < b"}, "a < b"), + + # Filters decorated with stringfilter still respect is_safe. + 'autoescape-stringfilter01': (r'{{ unsafe|capfirst }}', {'unsafe': UnsafeClass()}, 'You & me'), + 'autoescape-stringfilter02': (r'{% autoescape off %}{{ unsafe|capfirst }}{% endautoescape %}', {'unsafe': UnsafeClass()}, 'You & me'), + 'autoescape-stringfilter03': (r'{{ safe|capfirst }}', {'safe': SafeClass()}, 'You > me'), + 'autoescape-stringfilter04': (r'{% autoescape off %}{{ safe|capfirst }}{% endautoescape %}', {'safe': SafeClass()}, 'You > me'), } + diff --git a/tests/regressiontests/templates/tests.py b/tests/regressiontests/templates/tests.py index f3c131dd914..cbbd88b06c5 100644 --- a/tests/regressiontests/templates/tests.py +++ b/tests/regressiontests/templates/tests.py @@ -899,7 +899,12 @@ class Templates(unittest.TestCase): # Literal string arguments to filters, if used in the result, are # safe. - 'basic-syntax08': (r'{% autoescape on %}{{ var|default_if_none:" endquote\" hah" }}{% endautoescape %}', {"var": None}, ' endquote" hah'), + 'autoescape-tag08': (r'{% autoescape on %}{{ var|default_if_none:" endquote\" hah" }}{% endautoescape %}', {"var": None}, ' endquote" hah'), + + # Objects which return safe strings as their __unicode__ method + # won't get double-escaped. + 'autoescape-tag09': (r'{{ unsafe }}', {'unsafe': filters.UnsafeClass()}, 'you & me'), + 'autoescape-tag10': (r'{{ safe }}', {'safe': filters.SafeClass()}, 'you > me'), # The "safe" and "escape" filters cannot work due to internal # implementation details (fortunately, the (no)autoescape block