Permalink
Browse files

Escaping and testing output of ErrorDict.

  • Loading branch information...
1 parent c49ff6f commit c10feca8f95d228b5ef44c60c229863e91bfcf1d @gregmuellegger committed Jun 10, 2011
Showing with 5 additions and 1 deletion.
  1. +1 −1 django/forms/util.py
  2. +4 −0 tests/regressiontests/forms/tests/util.py
View
@@ -27,7 +27,7 @@ def __unicode__(self):
def as_ul(self):
if not self: return u''
return mark_safe(u'<ul class="errorlist">%s</ul>'
- % ''.join([u'<li>%s%s</li>' % (k, force_unicode(v))
+ % ''.join([u'<li>%s%s</li>' % (k, conditional_escape(force_unicode(v)))
for k, v in self.items()]))
def as_text(self):
@@ -55,3 +55,7 @@ def __unicode__(self): return u"A very bad error."
'<ul class="errorlist"><li>Example of link: &lt;a href=&quot;http://www.example.com/&quot;&gt;example&lt;/a&gt;</li></ul>')
self.assertEqual(str(ErrorList([mark_safe(example)])),
'<ul class="errorlist"><li>Example of link: <a href="http://www.example.com/">example</a></li></ul>')
+ self.assertEqual(str(ErrorDict({'name': example})),
+ '<ul class="errorlist"><li>nameExample of link: &lt;a href=&quot;http://www.example.com/&quot;&gt;example&lt;/a&gt;</li></ul>')
+ self.assertEqual(str(ErrorDict({'name': mark_safe(example)})),
+ '<ul class="errorlist"><li>nameExample of link: <a href="http://www.example.com/">example</a></li></ul>')

0 comments on commit c10feca

Please sign in to comment.