Skip to content
This repository
Browse code

Make autoescape an option:

  • Loading branch information...
commit 3ba5c4200be0b465e34108ed5d4dcba7a1e77d3d 1 parent f12cd71
Sam Ruby authored December 31, 2010
2  docs/config.html
@@ -129,6 +129,8 @@ <h3 id="planet"><code>[planet]</code></h3>
129 129
 <dt><ins>pubsubhubbub_feeds</ins></dt>
130 130
 <dd>List of feeds to publish.  Defaults to <code>atom.xml rss10.xml
131 131
 rss20.xml</code>.</dd>
  132
+<dt id="django_autoescape"><ins>django_autoescape</ins></dt>
  133
+<dd>Control <a href="http://docs.djangoproject.com/en/dev/ref/templates/builtins/#autoescape">autoescaping</a> behavior of django templates.  Defaults to <code>on</code>.</dd>
132 134
 </dl>
133 135
 <p>Additional options can be found in
134 136
 <a href="normalization.html#overrides">normalization level overrides</a>.</p>
6  docs/templates.html
@@ -143,6 +143,12 @@
143 143
   requires at least Python 2.3.
144 144
 </p>
145 145
 
  146
+<p>
  147
+  The <a href="config.html#django_autoescape">django_autoescape</a> config
  148
+  option may be used to globally set the default value for
  149
+   <a href="http://docs.djangoproject.com/en/dev/ref/templates/builtins/#autoescape">auto-escaping</a>.
  150
+</p>
  151
+
146 152
 <h3>xslt</h3>
147 153
 <p><a href="http://www.w3.org/TR/xslt">XSLT</a> is a paradox: it actually
148 154
 makes some simple things easier to do than htmltmpl, and certainly can
1  planet/config.py
@@ -116,6 +116,7 @@ def define_tmpl_int(name, default):
116 116
     define_planet_list('bill_of_materials')
117 117
     define_planet_list('template_directories', '.')
118 118
     define_planet_list('filter_directories')
  119
+    define_planet('django_autoescape', 'on')
119 120
 
120 121
     # template options
121 122
     define_tmpl_int('days_per_page', 0)
2  planet/shell/dj.py
@@ -32,7 +32,7 @@ def run(script, doc, output_file=None, options={}):
32 32
 
33 33
     # set up the Django context by using the default htmltmpl 
34 34
     # datatype converters
35  
-    context = Context()
  35
+    context = Context(autoescape=(config.django_autoescape()=='on'))
36 36
     context.update(tmpl.template_info(doc))
37 37
     context['Config'] = config.planet_options()
38 38
     t = get_template(script)
2  tests/data/filter/django/test.xml
@@ -10,7 +10,7 @@
10 10
   <id>urn:uuid:60a76c80-d399-11d9-b93C-0003939e0af6</id>
11 11
 
12 12
   <entry>
13  
-    <title>&#161;Atom-Powered Robots Run Amok!</title>
  13
+    <title type='xhtml'>&#161;Atom-Powered <b>Robots</b> Run Amok!</title>
14 14
     <link href="http://example.org/2003/12/13/atom03"/>
15 15
     <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
16 16
     <updated>2003-12-13T18:30:02Z</updated>
12  tests/test_filter_django.py
@@ -24,7 +24,17 @@ def test_django_entry_title(self):
24 24
         input = feed.read(); feed.close()
25 25
         results = dj.run(
26 26
             os.path.realpath('tests/data/filter/django/title.html.dj'), input)
27  
-        self.assertEqual(results, u"\xa1Atom-Powered Robots Run Amok!\n")
  27
+        self.assertEqual(results, 
  28
+          u"\xa1Atom-Powered &lt;b&gt;Robots&lt;/b&gt; Run Amok!\n")
  29
+
  30
+    def test_django_entry_title_autoescape_off(self):
  31
+        config.load('tests/data/filter/django/test.ini')
  32
+        config.parser.set('Planet', 'django_autoescape', 'off')
  33
+        feed = open('tests/data/filter/django/test.xml')
  34
+        input = feed.read(); feed.close()
  35
+        results = dj.run(
  36
+            os.path.realpath('tests/data/filter/django/title.html.dj'), input)
  37
+        self.assertEqual(results, u"\xa1Atom-Powered <b>Robots</b> Run Amok!\n")
28 38
 
29 39
     def test_django_config_context(self):
30 40
         config.load('tests/data/filter/django/test.ini')
6  themes/django/index.html.dj
@@ -21,7 +21,7 @@
21 21
 
22 22
   <ul>
23 23
     {% for channel in Channels %}
24  
-    <li>{{ channel.title }} by {{ channel.author_name }}</li>
  24
+    <li>{{ channel.title|safe }} by {{ channel.author_name }}</li>
25 25
     {% endfor %}
26 26
   </ul>
27 27
 </div>
@@ -32,9 +32,9 @@
32 32
 {% endifchanged %}
33 33
 
34 34
 <div class="entry">
35  
-  {% if item.title %}<h4>{{ item.title }}</h4>{% endif %}
  35
+  {% if item.title %}<h4>{{ item.title|safe }}</h4>{% endif %}
36 36
 
37  
-  {{ item.content }}
  37
+  {{ item.content|safe }}
38 38
   
39 39
   <p class="entry-tools">
40 40
     by {{ item.channel_author }}  on 

0 notes on commit 3ba5c42

Please sign in to comment.
Something went wrong with that request. Please try again.