Fixed #33302 -- Made element_id optional argument for json_script template filter.

Added versionchanged note in documentation
This commit is contained in:
Baptiste Mispelon 2021-11-19 16:52:57 +01:00 committed by Mariusz Felisiak
parent dd528cb2ce
commit e6e664a711
6 changed files with 28 additions and 9 deletions

View File

@ -83,10 +83,10 @@ def escapejs_filter(value):
@register.filter(is_safe=True) @register.filter(is_safe=True)
def json_script(value, element_id): def json_script(value, element_id=None):
""" """
Output value JSON-encoded, wrapped in a <script type="application/json"> Output value JSON-encoded, wrapped in a <script type="application/json">
tag. tag (with an optional id).
""" """
return _json_script(value, element_id) return _json_script(value, element_id)

View File

@ -61,7 +61,7 @@ _json_script_escapes = {
} }
def json_script(value, element_id): def json_script(value, element_id=None):
""" """
Escape all the HTML/XML special characters with their unicode escapes, so Escape all the HTML/XML special characters with their unicode escapes, so
value is safe to be output anywhere except for inside a tag attribute. Wrap value is safe to be output anywhere except for inside a tag attribute. Wrap
@ -69,10 +69,13 @@ def json_script(value, element_id):
""" """
from django.core.serializers.json import DjangoJSONEncoder from django.core.serializers.json import DjangoJSONEncoder
json_str = json.dumps(value, cls=DjangoJSONEncoder).translate(_json_script_escapes) json_str = json.dumps(value, cls=DjangoJSONEncoder).translate(_json_script_escapes)
return format_html( if element_id:
'<script id="{}" type="application/json">{}</script>', template = '<script id="{}" type="application/json">{}</script>'
element_id, mark_safe(json_str) args = (element_id, mark_safe(json_str))
) else:
template = '<script type="application/json">{}</script>'
args = (mark_safe(json_str),)
return format_html(template, *args)
def conditional_escape(text): def conditional_escape(text):

View File

@ -1832,7 +1832,7 @@ If ``value`` is the list ``['a', 'b', 'c']``, the output will be the string
Safely outputs a Python object as JSON, wrapped in a ``<script>`` tag, ready Safely outputs a Python object as JSON, wrapped in a ``<script>`` tag, ready
for use with JavaScript. for use with JavaScript.
**Argument:** HTML "id" of the ``<script>`` tag. **Argument:** The optional HTML "id" of the ``<script>`` tag.
For example:: For example::
@ -1861,6 +1861,10 @@ This is compatible with a strict Content Security Policy that prohibits in-page
script execution. It also maintains a clean separation between passive data and script execution. It also maintains a clean separation between passive data and
executable code. executable code.
.. versionchanged:: 4.1
In older versions, the HTML "id" was a required argument.
.. templatefilter:: last .. templatefilter:: last
``last`` ``last``

View File

@ -210,7 +210,8 @@ Signals
Templates Templates
~~~~~~~~~ ~~~~~~~~~
* ... * :tfilter:`json_script` template filter now allows wrapping in a ``<script>``
tag without the HTML ``id`` attribute.
Tests Tests
~~~~~ ~~~~~

View File

@ -17,3 +17,8 @@ class JsonScriptTests(SimpleTestCase):
'{"a": "testing\\r\\njson \'string\\" \\u003Cb\\u003Eescaping\\u003C/b\\u003E"}' '{"a": "testing\\r\\njson \'string\\" \\u003Cb\\u003Eescaping\\u003C/b\\u003E"}'
'</script>' '</script>'
) )
@setup({'json-tag02': '{{ value|json_script }}'})
def test_without_id(self):
output = self.engine.render_to_string('json-tag02', {'value': {}})
self.assertEqual(output, '<script type="application/json">{}</script>')

View File

@ -173,6 +173,12 @@ class TestUtilsHtml(SimpleTestCase):
with self.subTest(arg=arg): with self.subTest(arg=arg):
self.assertEqual(json_script(arg, 'test_id'), expected) self.assertEqual(json_script(arg, 'test_id'), expected)
def test_json_script_without_id(self):
self.assertHTMLEqual(
json_script({'key': 'value'}),
'<script type="application/json">{"key": "value"}</script>',
)
def test_smart_urlquote(self): def test_smart_urlquote(self):
items = ( items = (
('http://öäü.com/', 'http://xn--4ca9at.com/'), ('http://öäü.com/', 'http://xn--4ca9at.com/'),