Revert "Fixed #20296 -- Allowed SafeData and EscapeData to be lazy"

This reverts commit 2ee447fb5f.

That commit introduced a regression (#21882) and didn't really
do what it was supposed to: while it did delay the evaluation
of lazy objects passed to mark_safe(), they weren't actually
marked as such so they could end up being escaped twice.

Refs #21882.
This commit is contained in:
Baptiste Mispelon 2014-02-05 05:16:39 +01:00
parent a0fc7fa5df
commit a878bf9b09
2 changed files with 9 additions and 18 deletions

View File

@ -4,7 +4,7 @@ without further escaping in HTML. Marking something as a "safe string" means
that the producer of the string has already turned characters that should not that the producer of the string has already turned characters that should not
be interpreted by the HTML engine (e.g. '<') into the appropriate entities. be interpreted by the HTML engine (e.g. '<') into the appropriate entities.
""" """
from django.utils.functional import curry, Promise, allow_lazy from django.utils.functional import curry, Promise
from django.utils import six from django.utils import six
@ -16,14 +16,14 @@ class EscapeBytes(bytes, EscapeData):
""" """
A byte string that should be HTML-escaped when output. A byte string that should be HTML-escaped when output.
""" """
__new__ = allow_lazy(bytes.__new__, bytes) pass
class EscapeText(six.text_type, EscapeData): class EscapeText(six.text_type, EscapeData):
""" """
A unicode string object that should be HTML-escaped when output. A unicode string object that should be HTML-escaped when output.
""" """
__new__ = allow_lazy(six.text_type.__new__, six.text_type) pass
if six.PY3: if six.PY3:
EscapeString = EscapeText EscapeString = EscapeText
@ -48,8 +48,6 @@ class SafeBytes(bytes, SafeData):
A bytes subclass that has been specifically marked as "safe" (requires no A bytes subclass that has been specifically marked as "safe" (requires no
further escaping) for HTML output purposes. further escaping) for HTML output purposes.
""" """
__new__ = allow_lazy(bytes.__new__, bytes)
def __add__(self, rhs): def __add__(self, rhs):
""" """
Concatenating a safe byte string with another safe byte string or safe Concatenating a safe byte string with another safe byte string or safe
@ -83,8 +81,6 @@ class SafeText(six.text_type, SafeData):
A unicode (Python 2) / str (Python 3) subclass that has been specifically A unicode (Python 2) / str (Python 3) subclass that has been specifically
marked as "safe" for HTML output purposes. marked as "safe" for HTML output purposes.
""" """
__new__ = allow_lazy(six.text_type.__new__, six.text_type)
def __add__(self, rhs): def __add__(self, rhs):
""" """
Concatenating a safe unicode string with another safe byte string or Concatenating a safe unicode string with another safe byte string or

View File

@ -3,8 +3,8 @@ from __future__ import unicode_literals
from django.template import Template, Context from django.template import Template, Context
from django.test import TestCase from django.test import TestCase
from django.utils.encoding import force_text, force_bytes from django.utils.encoding import force_text, force_bytes
from django.utils.functional import lazy, Promise from django.utils.functional import lazy
from django.utils.safestring import mark_safe, mark_for_escaping from django.utils.safestring import mark_safe, mark_for_escaping, SafeData, EscapeData
from django.utils import six from django.utils import six
from django.utils import translation from django.utils import translation
@ -28,8 +28,8 @@ class SafeStringTest(TestCase):
s = lazystr('a&b') s = lazystr('a&b')
b = lazybytes(b'a&b') b = lazybytes(b'a&b')
self.assertIsInstance(mark_safe(s), Promise) self.assertIsInstance(mark_safe(s), SafeData)
self.assertIsInstance(mark_safe(b), Promise) self.assertIsInstance(mark_safe(b), SafeData)
self.assertRenderEqual('{{ s }}', 'a&b', s=mark_safe(s)) self.assertRenderEqual('{{ s }}', 'a&b', s=mark_safe(s))
def test_mark_for_escaping(self): def test_mark_for_escaping(self):
@ -41,15 +41,10 @@ class SafeStringTest(TestCase):
s = lazystr('a&b') s = lazystr('a&b')
b = lazybytes(b'a&b') b = lazybytes(b'a&b')
self.assertIsInstance(mark_for_escaping(s), Promise) self.assertIsInstance(mark_for_escaping(s), EscapeData)
self.assertIsInstance(mark_for_escaping(b), Promise) self.assertIsInstance(mark_for_escaping(b), EscapeData)
self.assertRenderEqual('{% autoescape off %}{{ s }}{% endautoescape %}', 'a&amp;b', s=mark_for_escaping(s)) self.assertRenderEqual('{% autoescape off %}{{ s }}{% endautoescape %}', 'a&amp;b', s=mark_for_escaping(s))
def test_regression_20296(self):
s = mark_safe(translation.ugettext_lazy("username"))
with translation.override('fr'):
self.assertRenderEqual('{{ s }}', "nom d'utilisateur", s=s)
def test_html(self): def test_html(self):
s = '<h1>interop</h1>' s = '<h1>interop</h1>'
self.assertEqual(s, mark_safe(s).__html__()) self.assertEqual(s, mark_safe(s).__html__())