mirror of https://github.com/django/django.git
Fixed #15683 -- Prevented escaped string to be needlessly marked safe twice in force_escape filter. Thanks tyrion for the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17876 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
8663bc1103
commit
8dd04fd84b
|
@ -419,7 +419,7 @@ def force_escape(value):
|
||||||
characters (as opposed to "escape", which marks the content for later
|
characters (as opposed to "escape", which marks the content for later
|
||||||
possible escaping).
|
possible escaping).
|
||||||
"""
|
"""
|
||||||
return mark_safe(escape(value))
|
return escape(value)
|
||||||
|
|
||||||
@register.filter("linebreaks", is_safe=True, needs_autoescape=True)
|
@register.filter("linebreaks", is_safe=True, needs_autoescape=True)
|
||||||
@stringfilter
|
@stringfilter
|
||||||
|
|
|
@ -6,6 +6,7 @@ import decimal
|
||||||
from django.template.defaultfilters import *
|
from django.template.defaultfilters import *
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
from django.utils import unittest, translation
|
from django.utils import unittest, translation
|
||||||
|
from django.utils.safestring import SafeData
|
||||||
|
|
||||||
|
|
||||||
class DefaultFiltersTests(TestCase):
|
class DefaultFiltersTests(TestCase):
|
||||||
|
@ -328,9 +329,10 @@ class DefaultFiltersTests(TestCase):
|
||||||
u'a string to be mangled')
|
u'a string to be mangled')
|
||||||
|
|
||||||
def test_force_escape(self):
|
def test_force_escape(self):
|
||||||
|
escaped = force_escape(u'<some html & special characters > here')
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
force_escape(u'<some html & special characters > here'),
|
escaped, u'<some html & special characters > here')
|
||||||
u'<some html & special characters > here')
|
self.assertTrue(isinstance(escaped, SafeData))
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
force_escape(u'<some html & special characters > here ĐÅ€£'),
|
force_escape(u'<some html & special characters > here ĐÅ€£'),
|
||||||
u'<some html & special characters > here'\
|
u'<some html & special characters > here'\
|
||||||
|
|
Loading…
Reference in New Issue