Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Revert "Fixed #20296 -- Allowed SafeData and EscapeData to be lazy"

This reverts commit 2ee447f.

That commit introduced a regression (#21882) and didn't really
do what it was supposed to: while it did delay the evaluation
of lazy objects passed to mark_safe(), they weren't actually
marked as such so they could end up being escaped twice.

Refs #21882.
  • Loading branch information...
commit a878bf9b093bf15d751b070d132fec52a7523a47 1 parent a0fc7fa
Baptiste Mispelon bmispelon authored
Showing with 9 additions and 18 deletions.
  1. +3 −7 django/utils/safestring.py
  2. +6 −11 tests/utils_tests/test_safestring.py
10 django/utils/safestring.py
View
@@ -4,7 +4,7 @@
that the producer of the string has already turned characters that should not
be interpreted by the HTML engine (e.g. '<') into the appropriate entities.
"""
-from django.utils.functional import curry, Promise, allow_lazy
+from django.utils.functional import curry, Promise
from django.utils import six
@@ -16,14 +16,14 @@ class EscapeBytes(bytes, EscapeData):
"""
A byte string that should be HTML-escaped when output.
"""
- __new__ = allow_lazy(bytes.__new__, bytes)
+ pass
class EscapeText(six.text_type, EscapeData):
"""
A unicode string object that should be HTML-escaped when output.
"""
- __new__ = allow_lazy(six.text_type.__new__, six.text_type)
+ pass
if six.PY3:
EscapeString = EscapeText
@@ -48,8 +48,6 @@ class SafeBytes(bytes, SafeData):
A bytes subclass that has been specifically marked as "safe" (requires no
further escaping) for HTML output purposes.
"""
- __new__ = allow_lazy(bytes.__new__, bytes)
-
def __add__(self, rhs):
"""
Concatenating a safe byte string with another safe byte string or safe
@@ -83,8 +81,6 @@ class SafeText(six.text_type, SafeData):
A unicode (Python 2) / str (Python 3) subclass that has been specifically
marked as "safe" for HTML output purposes.
"""
- __new__ = allow_lazy(six.text_type.__new__, six.text_type)
-
def __add__(self, rhs):
"""
Concatenating a safe unicode string with another safe byte string or
17 tests/utils_tests/test_safestring.py
View
@@ -3,8 +3,8 @@
from django.template import Template, Context
from django.test import TestCase
from django.utils.encoding import force_text, force_bytes
-from django.utils.functional import lazy, Promise
-from django.utils.safestring import mark_safe, mark_for_escaping
+from django.utils.functional import lazy
+from django.utils.safestring import mark_safe, mark_for_escaping, SafeData, EscapeData
from django.utils import six
from django.utils import translation
@@ -28,8 +28,8 @@ def test_mark_safe_lazy(self):
s = lazystr('a&b')
b = lazybytes(b'a&b')
- self.assertIsInstance(mark_safe(s), Promise)
- self.assertIsInstance(mark_safe(b), Promise)
+ self.assertIsInstance(mark_safe(s), SafeData)
+ self.assertIsInstance(mark_safe(b), SafeData)
self.assertRenderEqual('{{ s }}', 'a&b', s=mark_safe(s))
def test_mark_for_escaping(self):
@@ -41,15 +41,10 @@ def test_mark_for_escaping_lazy(self):
s = lazystr('a&b')
b = lazybytes(b'a&b')
- self.assertIsInstance(mark_for_escaping(s), Promise)
- self.assertIsInstance(mark_for_escaping(b), Promise)
+ self.assertIsInstance(mark_for_escaping(s), EscapeData)
+ self.assertIsInstance(mark_for_escaping(b), EscapeData)
self.assertRenderEqual('{% autoescape off %}{{ s }}{% endautoescape %}', 'a&amp;b', s=mark_for_escaping(s))
- def test_regression_20296(self):
- s = mark_safe(translation.ugettext_lazy("username"))
- with translation.override('fr'):
- self.assertRenderEqual('{{ s }}', "nom d'utilisateur", s=s)
-
def test_html(self):
s = '<h1>interop</h1>'
self.assertEqual(s, mark_safe(s).__html__())
Please sign in to comment.
Something went wrong with that request. Please try again.