From bdb0b903c2885a3f4b7f0282b8ba04267a1fc29e Mon Sep 17 00:00:00 2001
From: Malcolm Tredinnick
Date: Wed, 14 Nov 2007 21:07:27 +0000
Subject: [PATCH] Content coming via {{ block.super }} is always going to be correctly escaped already. We mark it as safe so that template authors don't need to.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6673 bcc190cf-cafb-0310-a4f2-bffc1f526a37
---
 django/template/loader_tags.py | 3 ++-
 docs/templates.txt | 6 +++++-
 tests/regressiontests/templates/tests.py | 18 +++++++++---------
 3 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/django/template/loader_tags.py b/django/template/loader_tags.py
index 652fda11cef..c83768ef911 100644
--- a/django/template/loader_tags.py
+++ b/django/template/loader_tags.py
@@ -2,6 +2,7 @@ from django.template import TemplateSyntaxError, TemplateDoesNotExist, Variable
 from django.template import Library, Node
 from django.template.loader import get_template, get_template_from_string, find_template_source
 from django.conf import settings
+from django.utils.safestring import mark_safe
 register = Library()
@@ -26,7 +27,7 @@ class BlockNode(Node):
 def super(self):
 if self.parent:
- return self.parent.render(self.context)
+ return mark_safe(self.parent.render(self.context))
 return ''
 def add_parent(self, nodelist):
diff --git a/docs/templates.txt b/docs/templates.txt
index b85f108bbe1..020586159c1 100644
--- a/docs/templates.txt
+++ b/docs/templates.txt
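Review bot: In django/template/loader_tags.py, `BlockNode.super()` now returns `mark_safe(self.parent.render(self.context))` with no comment recording why that trust decision is sound, and a bare `mark_safe()` call is the kind of line later readers copy without the reasoning. I would add above the return: `# parent.render() output has already been through the engine's escaping; escaping it again would double-escape. Do not reuse this for strings not produced by render().` The safety rests on the parent block's own escaping state, so anything the parent emits with escaping disabled reaches the child unescaped too; that appears intended, but it is worth stating in a docstring on `super()`. The `BlockNode` class starts before this hunk and continues after it.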
@@ -280,7 +280,9 @@ Here are some tips for working with inheritance: * If you need to get the content of the block from the parent template, the ``{{ block.super }}`` variable will do the trick. This is useful if you want to add to the contents of a parent block instead of - completely overriding it. + completely overriding it. Data inserted using ``{{ block.super }}`` will + not be automatically escaped (see the `next section`_), since it was + already escaped, if necessary, in the parent template. * For extra readability, you can optionally give a *name* to your ``{% endblock %}`` tag. For example:: @@ -299,6 +301,8 @@ it also defines the content that fills the hole in the *parent*. If there were two similarly-named ``{% block %}`` tags in a template, that template's parent wouldn't know which one of the blocks' content to use. +.. _next section: #automatic-html-escaping + Automatic HTML escaping ======================= diff --git a/tests/regressiontests/templates/tests.py b/tests/regressiontests/templates/tests.py index d52e8f0abf2..90dfa60b17a 100644 --- a/tests/regressiontests/templates/tests.py +++ b/tests/regressiontests/templates/tests.py @@ -617,7 +617,7 @@ class Templates(unittest.TestCase): ### INHERITANCE ########################################################### # Standard template with no inheritance - 'inheritance01': ("1{% block first %}_{% endblock %}3{% block second %}_{% endblock %}", {}, '1_3_'), + 'inheritance01': ("1{% block first %}&{% endblock %}3{% block second %}_{% endblock %}", {}, '1&3_'), # Standard two-level inheritance 'inheritance02': ("{% extends 'inheritance01' %}{% block first %}2{% endblock %}{% block second %}4{% endblock %}", {}, '1234'), 
@@ -626,7 +626,7 @@ class Templates(unittest.TestCase):
 'inheritance03': ("{% extends 'inheritance02' %}", {}, '1234'),
 # Two-level with no redefinitions on second level
- 'inheritance04': ("{% extends 'inheritance01' %}", {}, '1_3_'),
+ 'inheritance04': ("{% extends 'inheritance01' %}", {}, '1&3_'),
 # Two-level with double quotes instead of single quotes
 'inheritance05': ('{% extends "inheritance02" %}', {}, '1234'),
@@ -635,16 +635,16 @@ class Templates(unittest.TestCase):
 'inheritance06': ("{% extends foo %}", {'foo': 'inheritance02'}, '1234'),
 # Two-level with one block defined, one block not defined
- 'inheritance07': ("{% extends 'inheritance01' %}{% block second %}5{% endblock %}", {}, '1_35'),
+ 'inheritance07': ("{% extends 'inheritance01' %}{% block second %}5{% endblock %}", {}, '1&35'),
 # Three-level with one block defined on this level, two blocks defined next level
 'inheritance08': ("{% extends 'inheritance02' %}{% block second %}5{% endblock %}", {}, '1235'),
 # Three-level with second and third levels blank
- 'inheritance09': ("{% extends 'inheritance04' %}", {}, '1_3_'),
+ 'inheritance09': ("{% extends 'inheritance04' %}", {}, '1&3_'),
 # Three-level with space NOT in a block -- should be ignored
- 'inheritance10': ("{% extends 'inheritance04' %} ", {}, '1_3_'),
+ 'inheritance10': ("{% extends 'inheritance04' %} ", {}, '1&3_'),
 # Three-level with both blocks defined on this level, but none on second level
 'inheritance11': ("{% extends 'inheritance04' %}{% block first %}2{% endblock %}{% block second %}4{% endblock %}", {}, '1234'),
@@ -656,7 +656,7 @@ class Templates(unittest.TestCase):
 'inheritance13': ("{% extends 'inheritance02' %}{% block first %}a{% endblock %}{% block second %}b{% endblock %}", {}, '1a3b'),
 # A block defined only in a child template shouldn't be displayed
- 'inheritance14': ("{% extends 'inheritance01' %}{% block newblock %}NO DISPLAY{% endblock %}", {}, '1_3_'),
+ 'inheritance14': ("{% extends 'inheritance01' %}{% block newblock %}NO DISPLAY{% endblock %}", {}, '1&3_'),
 # A block within another block
 'inheritance15': ("{% extends 'inheritance01' %}{% block first %}2{% block inner %}inner{% endblock %}{% endblock %}", {}, '12inner3_'),
@@ -674,16 +674,16 @@ class Templates(unittest.TestCase):
 'inheritance19': ("{% extends 'inheritance01' %}{% block first %}{% load testtags %}{% echo 400 %}5678{% endblock %}", {}, '140056783_'),
 # Two-level inheritance with {{ block.super }}
- 'inheritance20': ("{% extends 'inheritance01' %}{% block first %}{{ block.super }}a{% endblock %}", {}, '1_a3_'),
+ 'inheritance20': ("{% extends 'inheritance01' %}{% block first %}{{ block.super }}a{% endblock %}", {}, '1&a3_'),
 # Three-level inheritance with {{ block.super }} from parent
 'inheritance21': ("{% extends 'inheritance02' %}{% block first %}{{ block.super }}a{% endblock %}", {}, '12a34'),
 # Three-level inheritance with {{ block.super }} from grandparent
- 'inheritance22': ("{% extends 'inheritance04' %}{% block first %}{{ block.super }}a{% endblock %}", {}, '1_a3_'),
+ 'inheritance22': ("{% extends 'inheritance04' %}{% block first %}{{ block.super }}a{% endblock %}", {}, '1&a3_'),
 # Three-level inheritance with {{ block.super }} from parent and grandparent
- 'inheritance23': ("{% extends 'inheritance20' %}{% block first %}{{ block.super }}b{% endblock %}", {}, '1_ab3_'),
+ 'inheritance23': ("{% extends 'inheritance20' %}{% block first %}{{ block.super }}b{% endblock %}", {}, '1&ab3_'),
 # Inheritance from local context without use of template loader
 'inheritance24': ("{% extends context_template %}{% block first %}2{% endblock %}{% block second %}4{% endblock %}", {'context_template': template.Template("1{% block first %}_{% endblock %}3{% block second %}_{% endblock %}")}, '1234'),
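Review bot: The new expectations for `inheritance20`, `inheritance22` and `inheritance23` only exercise a literal `&` written in the parent's template text, so they show that `{{ block.super }}` is not escaped a second time but not that data rendered inside the parent block arrives escaped exactly once. I would add a case whose parent block outputs a context variable containing an HTML-special character and whose child uses `{{ block.super }}`, asserting a single level of escaping in the result (for `<`, `&lt;` rather than `<` or `&amp;lt;`). A comment on `inheritance01` such as `# '&' in the parent block checks that block.super is not re-escaped` would also explain why the placeholder changed from `_`. The dict holding these entries starts before this hunk and continues after it.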