Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Make autoescape an option:

  • Loading branch information...
commit 3ba5c4200be0b465e34108ed5d4dcba7a1e77d3d 1 parent f12cd71
@rubys authored
View
2  docs/config.html
@@ -129,6 +129,8 @@ <h3 id="planet"><code>[planet]</code></h3>
<dt><ins>pubsubhubbub_feeds</ins></dt>
<dd>List of feeds to publish. Defaults to <code>atom.xml rss10.xml
rss20.xml</code>.</dd>
+<dt id="django_autoescape"><ins>django_autoescape</ins></dt>
+<dd>Control <a href="http://docs.djangoproject.com/en/dev/ref/templates/builtins/#autoescape">autoescaping</a> behavior of django templates. Defaults to <code>on</code>.</dd>
</dl>
<p>Additional options can be found in
<a href="normalization.html#overrides">normalization level overrides</a>.</p>
View
6 docs/templates.html
@@ -143,6 +143,12 @@
requires at least Python 2.3.
</p>
+<p>
+ The <a href="config.html#django_autoescape">django_autoescape</a> config
+ option may be used to globally set the default value for
+ <a href="http://docs.djangoproject.com/en/dev/ref/templates/builtins/#autoescape">auto-escaping</a>.
+</p>
+
<h3>xslt</h3>
<p><a href="http://www.w3.org/TR/xslt">XSLT</a> is a paradox: it actually
makes some simple things easier to do than htmltmpl, and certainly can
View
1  planet/config.py
@@ -116,6 +116,7 @@ def define_tmpl_int(name, default):
define_planet_list('bill_of_materials')
define_planet_list('template_directories', '.')
define_planet_list('filter_directories')
+ define_planet('django_autoescape', 'on')
# template options
define_tmpl_int('days_per_page', 0)
View
2  planet/shell/dj.py
@@ -32,7 +32,7 @@ def run(script, doc, output_file=None, options={}):
# set up the Django context by using the default htmltmpl
# datatype converters
- context = Context()
+ context = Context(autoescape=(config.django_autoescape()=='on'))
context.update(tmpl.template_info(doc))
context['Config'] = config.planet_options()
t = get_template(script)
View
2  tests/data/filter/django/test.xml
@@ -10,7 +10,7 @@
<id>urn:uuid:60a76c80-d399-11d9-b93C-0003939e0af6</id>
<entry>
- <title>&#161;Atom-Powered Robots Run Amok!</title>
+ <title type='xhtml'>&#161;Atom-Powered <b>Robots</b> Run Amok!</title>
<link href="http://example.org/2003/12/13/atom03"/>
<id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
<updated>2003-12-13T18:30:02Z</updated>
View
12 tests/test_filter_django.py
@@ -24,7 +24,17 @@ def test_django_entry_title(self):
input = feed.read(); feed.close()
results = dj.run(
os.path.realpath('tests/data/filter/django/title.html.dj'), input)
- self.assertEqual(results, u"\xa1Atom-Powered Robots Run Amok!\n")
+ self.assertEqual(results,
+ u"\xa1Atom-Powered &lt;b&gt;Robots&lt;/b&gt; Run Amok!\n")
+
+ def test_django_entry_title_autoescape_off(self):
+ config.load('tests/data/filter/django/test.ini')
+ config.parser.set('Planet', 'django_autoescape', 'off')
+ feed = open('tests/data/filter/django/test.xml')
+ input = feed.read(); feed.close()
+ results = dj.run(
+ os.path.realpath('tests/data/filter/django/title.html.dj'), input)
+ self.assertEqual(results, u"\xa1Atom-Powered <b>Robots</b> Run Amok!\n")
def test_django_config_context(self):
config.load('tests/data/filter/django/test.ini')
View
6 themes/django/index.html.dj
@@ -21,7 +21,7 @@
<ul>
{% for channel in Channels %}
- <li>{{ channel.title }} by {{ channel.author_name }}</li>
+ <li>{{ channel.title|safe }} by {{ channel.author_name }}</li>
{% endfor %}
</ul>
</div>
@@ -32,9 +32,9 @@
{% endifchanged %}
<div class="entry">
- {% if item.title %}<h4>{{ item.title }}</h4>{% endif %}
+ {% if item.title %}<h4>{{ item.title|safe }}</h4>{% endif %}
- {{ item.content }}
+ {{ item.content|safe }}
<p class="entry-tools">
by {{ item.channel_author }} on
Please sign in to comment.
Something went wrong with that request. Please try again.