Navigation

← Previous Changeset
Next Changeset →

Changeset 6892

Timestamp:

12/04/07 15:08:29 (9 months ago)

Author:

jacob

Message:

Fixed #4131: added an "escapejs" filter for use in JavaScript? strings, and updated the documentation on addslashes to point to the new ticket. Featuring contributions from Ned Batchelder, Jeremy Dunck, and Andy Durdin.

Files:

django/trunk/django/template/defaultfilters.py (modified) (2 diffs)
django/trunk/docs/templates.txt (modified) (2 diffs)
django/trunk/tests/regressiontests/defaultfilters/tests.py (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

django/trunk/django/template/defaultfilters.py

r6787	r6892
44	44
45	45	def addslashes(value):
46		"""Adds slashes - useful for passing strings to JavaScript, for example."""
	46	"""
	47	Adds slashes before quotes. Useful for escaping strings in CSV, for
	48	example. Less useful for escaping JavaScript; use the ``escapejs``
	49	filter instead.
	50	"""
47	51	return value.replace('\\', '\\\\').replace('"', '\\"').replace("'", "\\'")
48	52	addslashes.is_safe = True
…	…
54	58	capfirst.is_safe=True
55	59	capfirst = stringfilter(capfirst)
	60
	61	_js_escapes = (
	62	('\\', '\\\\'),
	63	('"', '\\"'),
	64	("'", "\\'"),
	65	('\n', '\\n'),
	66	('\r', '\\r'),
	67	('\b', '\\b'),
	68	('\f', '\\f'),
	69	('\t', '\\t'),
	70	('\v', '\\v'),
	71	('</', '<\\/'),
	72	)
	73	def escapejs(value):
	74	"""Backslash-escapes characters for use in JavaScript strings."""
	75	for bad, good in _js_escapes:
	76	value = value.replace(bad, good)
	77	return value
	78	escapejs = stringfilter(escapejs)
56	79
57	80	def fix_ampersands(value):

django/trunk/docs/templates.txt

r6874	r6892
1228	1228	~~~~~~~~~~
1229	1229
1230		Adds slashes. Useful for passing strings to JavaScript, for example.
1231
	1230	Adds slashes before quotes. Useful for escaping strings in CSV, for example.
	1231
	1232	New in Django development version: for escaping data in JavaScript strings,
	1233	use the `escapejs` filter instead.
1232	1234
1233	1235	capfirst
…	…
1302	1304	it is safe to use this function even in auto-escaping environments. If you want
1303	1305	multiple escaping passes to be applied, use the ``force_escape`` filter.
	1306
	1307	escapejs
	1308	~~~~~~~~
	1309
	1310	New in Django development version
	1311
	1312	Escapes characters for use in JavaScript strings. This does not make the
	1313	string safe for use in HTML, but does protect you from syntax errors when using
	1314	templates to generate JavaScript/JSON.
1304	1315
1305	1316	filesizeformat

django/trunk/tests/regressiontests/defaultfilters/tests.py

r6752	r6892
50	50	u'Hello world'
51	51
	52	>>> escapejs(u'"double quotes" and \'single quotes\'')
	53	u'\\"double quotes\\" and \\\'single quotes\\\''
	54
	55	>>> escapejs(ur'\ : backslashes, too')
	56	u'\\\\ : backslashes, too'
	57
	58	>>> escapejs(u'and lots of whitespace: \r\n\t\v\f\b')
	59	u'and lots of whitespace: \\r\\n\\t\\v\\f\\b'
	60
	61	>>> escapejs(ur'<script>and this</script>')
	62	u'<script>and this<\\/script>'
	63
52	64	>>> fix_ampersands(u'Jack & Jill & Jeroboam')
53	65	u'Jack & Jill & Jeroboam'

Code