Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Fixed #20296 -- Allowed SafeData and EscapeData to be lazy

  • Loading branch information...
commit 2ee447fb5f8974b432d3dd421af9a242215aea44 1 parent be0bab1
Baptiste Mispelon authored April 20, 2013 claudep committed May 25, 2013
10  django/utils/safestring.py
@@ -4,7 +4,7 @@
4 4
 that the producer of the string has already turned characters that should not
5 5
 be interpreted by the HTML engine (e.g. '<') into the appropriate entities.
6 6
 """
7  
-from django.utils.functional import curry, Promise
  7
+from django.utils.functional import curry, Promise, allow_lazy
8 8
 from django.utils import six
9 9
 
10 10
 class EscapeData(object):
@@ -14,13 +14,13 @@ class EscapeBytes(bytes, EscapeData):
14 14
     """
15 15
     A byte string that should be HTML-escaped when output.
16 16
     """
17  
-    pass
  17
+    __new__ = allow_lazy(bytes.__new__, bytes)
18 18
 
19 19
 class EscapeText(six.text_type, EscapeData):
20 20
     """
21 21
     A unicode string object that should be HTML-escaped when output.
22 22
     """
23  
-    pass
  23
+    __new__ = allow_lazy(six.text_type.__new__, six.text_type)
24 24
 
25 25
 if six.PY3:
26 26
     EscapeString = EscapeText
@@ -37,6 +37,8 @@ class SafeBytes(bytes, SafeData):
37 37
     A bytes subclass that has been specifically marked as "safe" (requires no
38 38
     further escaping) for HTML output purposes.
39 39
     """
  40
+    __new__ = allow_lazy(bytes.__new__, bytes)
  41
+
40 42
     def __add__(self, rhs):
41 43
         """
42 44
         Concatenating a safe byte string with another safe byte string or safe
@@ -69,6 +71,8 @@ class SafeText(six.text_type, SafeData):
69 71
     A unicode (Python 2) / str (Python 3) subclass that has been specifically
70 72
     marked as "safe" for HTML output purposes.
71 73
     """
  74
+    __new__ = allow_lazy(six.text_type.__new__, six.text_type)
  75
+
72 76
     def __add__(self, rhs):
73 77
         """
74 78
         Concatenating a safe unicode string with another safe byte string or
53  tests/utils_tests/test_safestring.py
... ...
@@ -0,0 +1,53 @@
  1
+from __future__ import absolute_import, unicode_literals
  2
+
  3
+
  4
+from django.template import Template, Context
  5
+from django.test import TestCase
  6
+from django.utils.encoding import force_text, force_bytes
  7
+from django.utils.functional import lazy, Promise
  8
+from django.utils.html import escape, conditional_escape
  9
+from django.utils.safestring import mark_safe, mark_for_escaping
  10
+from django.utils import six
  11
+from django.utils import translation
  12
+
  13
+lazystr = lazy(force_text, six.text_type)
  14
+lazybytes = lazy(force_bytes, bytes)
  15
+
  16
+
  17
+class SafeStringTest(TestCase):
  18
+    def assertRenderEqual(self, tpl, expected, **context):
  19
+        context = Context(context)
  20
+        tpl = Template(tpl)
  21
+        self.assertEqual(tpl.render(context), expected)
  22
+
  23
+    def test_mark_safe(self):
  24
+        s = mark_safe('a&b')
  25
+
  26
+        self.assertRenderEqual('{{ s }}', 'a&b', s=s)
  27
+        self.assertRenderEqual('{{ s|force_escape }}', 'a&amp;b', s=s)
  28
+
  29
+    def test_mark_safe_lazy(self):
  30
+        s = lazystr('a&b')
  31
+        b = lazybytes(b'a&b')
  32
+
  33
+        self.assertIsInstance(mark_safe(s), Promise)
  34
+        self.assertIsInstance(mark_safe(b), Promise)
  35
+        self.assertRenderEqual('{{ s }}', 'a&b', s=mark_safe(s))
  36
+
  37
+    def test_mark_for_escaping(self):
  38
+        s = mark_for_escaping('a&b')
  39
+        self.assertRenderEqual('{{ s }}', 'a&amp;b', s=s)
  40
+        self.assertRenderEqual('{{ s }}', 'a&amp;b', s=mark_for_escaping(s))
  41
+
  42
+    def test_mark_for_escaping_lazy(self):
  43
+        s = lazystr('a&b')
  44
+        b = lazybytes(b'a&b')
  45
+
  46
+        self.assertIsInstance(mark_for_escaping(s), Promise)
  47
+        self.assertIsInstance(mark_for_escaping(b), Promise)
  48
+        self.assertRenderEqual('{% autoescape off %}{{ s }}{% endautoescape %}', 'a&amp;b', s=mark_for_escaping(s))
  49
+
  50
+    def test_regression_20296(self):
  51
+        s = mark_safe(translation.ugettext_lazy("username"))
  52
+        with translation.override('fr'):
  53
+            self.assertRenderEqual('{{ s }}', "nom d'utilisateur", s=s)

0 notes on commit 2ee447f

Please sign in to comment.
Something went wrong with that request. Please try again.