Permalink
Browse files

Marked messages as 'safe' in view instead of in template.

This is much more preferable, as it provides compatibility with the Django
admin (and probably other apps) that do it this way i.e.  do not use 'safe'
in the template that outputs the message.
  • Loading branch information...
1 parent c0d4392 commit 18fd1054e8b030f40036b8ec46aa1bf9f4baaf6c @spookylukey spookylukey committed Aug 9, 2011
Showing with 6 additions and 5 deletions.
  1. +5 −4 djiki/views.py
  2. +1 −1 templates/base.html
View
@@ -6,6 +6,7 @@
from django.shortcuts import get_object_or_404
from django.template import RequestContext, loader
from django.utils.translation import ugettext as _
+from django.utils.safestring import mark_safe
from django.views.generic.simple import direct_to_template
from urllib import urlencode, quote
from . import models, forms, utils
@@ -33,11 +34,11 @@ def view(request, title, revision_pk=None):
revision = page.revisions.get(pk=revision_pk)
except models.PageRevision.DoesNotExist:
return HttpResponseNotFound()
- messages.info(request, _("The version you are viewing is not the latest one, "
+ messages.info(request, mark_safe(_("The version you are viewing is not the latest one, "
"but represents an older revision of this page, which may have been "
"significantly modified. If it is not what you intended to view, "
"<a href=\"%(url)s\">proceed to the latest version</a>.") % {
- 'url': reverse('djiki-page-view', kwargs={'title': url_title})})
+ 'url': reverse('djiki-page-view', kwargs={'title': url_title})}))
else:
revision = page.last_revision()
if request.REQUEST.get('raw', ''):
@@ -72,10 +73,10 @@ def edit(request, title):
if form.is_valid():
if is_preview:
preview_content = form.cleaned_data.get('content', form.data['content'])
- messages.info(request, _("The content you see on this page is shown only as "
+ messages.info(request, mark_safe(_("The content you see on this page is shown only as "
"a preview. <strong>No changes have been saved yet.</strong> Please "
"review the modifications and use the <em>Save</em> button to store "
- "them permanently."))
+ "them permanently.")))
else:
form.save()
return HttpResponseRedirect(
View
@@ -30,7 +30,7 @@
<div class="grid_12">
<ul>
{% for msg in messages %}
- <li class="{{ msg.tags }}">{{ msg|safe }}</li>
+ <li class="{{ msg.tags }}">{{ msg }}</li>
{% endfor %}
</ul>
</div>

0 comments on commit 18fd105

Please sign in to comment.