Fixed #29412 -- Stopped marking slugify() result as HTML safe.
This commit is contained in:
Claude Paroz
Tim Graham
parent
861638a307
commit
b004bd62e8
|
|
@ -4,10 +4,7 @@ import unicodedata
|
|||
from gzip import GzipFile
|
||||
from io import BytesIO
|
||||
|
||||
from django.utils.functional import (
|
||||
SimpleLazyObject, keep_lazy, keep_lazy_text, lazy,
|
||||
)
|
||||
from django.utils.safestring import SafeText, mark_safe
|
||||
from django.utils.functional import SimpleLazyObject, keep_lazy_text, lazy
|
||||
from django.utils.translation import gettext as _, gettext_lazy, pgettext
|
||||
|
||||
|
||||
|
|
@ -399,7 +396,7 @@ def unescape_string_literal(s):
|
|||
return s[1:-1].replace(r'\%s' % quote, quote).replace(r'\\', '\\')
|
||||
|
||||
|
||||
@keep_lazy(str, SafeText)
|
||||
@keep_lazy_text
|
||||
def slugify(value, allow_unicode=False):
|
||||
"""
|
||||
Convert to ASCII if 'allow_unicode' is False. Convert spaces to hyphens.
|
||||
|
|
@ -412,7 +409,7 @@ def slugify(value, allow_unicode=False):
|
|||
else:
|
||||
value = unicodedata.normalize('NFKD', value).encode('ascii', 'ignore').decode('ascii')
|
||||
value = re.sub(r'[^\w\s-]', '', value).strip().lower()
|
||||
return mark_safe(re.sub(r'[-\s]+', '-', value))
|
||||
return re.sub(r'[-\s]+', '-', value)
|
||||
|
||||
|
||||
def camel_case_to_spaces(value):
|
||||
|
|
|
|||
|
|
@ -244,6 +244,9 @@ Miscellaneous
|
|||
* For consistency with WSGI servers, the test client now sets the
|
||||
``Content-Length`` header to a string rather than an integer.
|
||||
|
||||
* The return value of :func:`django.utils.text.slugify` is no longer marked as
|
||||
HTML safe.
|
||||
|
||||
.. _deprecated-features-2.2:
|
||||
|
||||
Features deprecated in 2.2
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
from django.template import Context, Template
|
||||
from django.test import SimpleTestCase
|
||||
from django.utils import html, text
|
||||
from django.utils import html
|
||||
from django.utils.functional import lazy, lazystr
|
||||
from django.utils.safestring import SafeData, mark_safe
|
||||
|
||||
|
|
@ -69,10 +69,6 @@ class SafeStringTest(SimpleTestCase):
|
|||
s += mark_safe('&b')
|
||||
self.assertRenderEqual('{{ s }}', 'a&b', s=s)
|
||||
|
||||
s = text.slugify(lazystr('a'))
|
||||
s += mark_safe('&b')
|
||||
self.assertRenderEqual('{{ s }}', 'a&b', s=s)
|
||||
|
||||
def test_mark_safe_as_decorator(self):
|
||||
"""
|
||||
mark_safe used as a decorator leaves the result of a function
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
import json
|
||||
import sys
|
||||
|
||||
from django.test import SimpleTestCase
|
||||
from django.utils import text
|
||||
|
|
@ -179,6 +180,8 @@ class TestUtilsText(SimpleTestCase):
|
|||
)
|
||||
for value, output, is_unicode in items:
|
||||
self.assertEqual(text.slugify(value, allow_unicode=is_unicode), output)
|
||||
# interning the result may be useful, e.g. when fed to Path.
|
||||
self.assertEqual(sys.intern(text.slugify('a')), 'a')
|
||||
|
||||
def test_unescape_entities(self):
|
||||
items = [
|
||||
|
|
|
|||
Loading…
Reference in New Issue