Django

Code

Changeset 6950

Show
Ignore:
Timestamp:
12/18/07 22:20:02 (1 year ago)
Author:
mtredinnick
Message:

Fixed #6239 -- Fixed an auto-escaping problem with urlizetrunc. Thanks, SmileyChris?.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • django/trunk/django/template/defaultfilters.py

    r6897 r6950  
    255255urlize = stringfilter(urlize) 
    256256 
    257 def urlizetrunc(value, limit): 
     257def urlizetrunc(value, limit, autoescape=None): 
    258258    """ 
    259259    Converts URLs into clickable links, truncating URLs to the given character 
     
    263263    """ 
    264264    from django.utils.html import urlize 
    265     return mark_safe(urlize(value, trim_url_limit=int(limit), nofollow=True)) 
     265    return mark_safe(urlize(value, trim_url_limit=int(limit), nofollow=True, 
     266                            autoescape=autoescape)) 
    266267urlizetrunc.is_safe = True 
     268urlizetrunc.needs_autoescape = True 
    267269urlizetrunc = stringfilter(urlizetrunc) 
    268270 

  • django/trunk/tests/regressiontests/templates/filters.py

    r6729 r6950  
    109109        'filter-urlize06': ('{{ a|urlize }}', {"a": "<script>alert('foo')</script>"}, '&lt;script&gt;alert(&#39;foo&#39;)&lt;/script&gt;'), 
    110110 
    111         'filter-urlizetrunc01': ('{% autoescape off %}{{ a|urlizetrunc:"8" }} {{ b|urlizetrunc:"8" }}{% endautoescape %}', {"a": "http://example.com/x=&y=", "b": mark_safe("http://example.com?x=&y=")}, u'<a href="http://example.com/x=&y=" rel="nofollow">http:...</a> <a href="http://example.com?x=&y=" rel="nofollow">http:...</a>'), 
    112         'filter-urlizetrunc02': ('{{ a|urlizetrunc:"8" }} {{ b|urlizetrunc:"8" }}', {"a": "http://example.com/x=&y=", "b": mark_safe("http://example.com?x=&y=")}, u'<a href="http://example.com/x=&y=" rel="nofollow">http:...</a> <a href="http://example.com?x=&y=" rel="nofollow">http:...</a>'), 
     111        'filter-urlizetrunc01': ('{% autoescape off %}{{ a|urlizetrunc:"8" }} {{ b|urlizetrunc:"8" }}{% endautoescape %}', {"a": '"Unsafe" http://example.com/x=&y=', "b": mark_safe('&quot;Safe&quot; http://example.com?x=&y=')}, u'"Unsafe" <a href="http://example.com/x=&y=" rel="nofollow">http:...</a> &quot;Safe&quot; <a href="http://example.com?x=&y=" rel="nofollow">http:...</a>'), 
     112        'filter-urlizetrunc02': ('{{ a|urlizetrunc:"8" }} {{ b|urlizetrunc:"8" }}', {"a": '"Unsafe" http://example.com/x=&y=', "b": mark_safe('&quot;Safe&quot; http://example.com?x=&y=')}, u'&quot;Unsafe&quot; <a href="http://example.com/x=&y=" rel="nofollow">http:...</a> &quot;Safe&quot; <a href="http://example.com?x=&y=" rel="nofollow">http:...</a>'), 
    113113 
    114114        'filter-wordcount01': ('{% autoescape off %}{{ a|wordcount }} {{ b|wordcount }}{% endautoescape %}', {"a": "a & b", "b": mark_safe("a &amp; b")}, "3 3"),