Django

Code

Ticket #2456 (closed: fixed)

Opened 2 years ago

Last modified 2 years ago

[patch] addslashes filter doesn't escape backslashes

Reported by: tom@eggdrop.ch Assigned to: adrian
Milestone: Component: Template system
Version: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: 1 Needs documentation: 0
Needs tests: 0 Patch needs improvement: 0

Description

addslashes filter doesn't escape backslashes. This is important when you want to pass a string that contains backslashes to a JavaScript? template.

Here's a patch: 

Index: django/template/defaultfilters.py
===================================================================
--- django/template/defaultfilters.py   (revision 3496)
+++ django/template/defaultfilters.py   (working copy)
@@ -15,7 +15,7 @@
 
 def addslashes(value):
     "Adds slashes - useful for passing strings to JavaScript, for example."
-    return value.replace('"', '\\"').replace("'", "\\'")
+    return value.replace('\\', '\\\\').replace('"', '\\"').replace("'", "\\'")
 
 def capfirst(value):
     "Capitalizes the first character of the value"

Attachments

Change History

07/30/06 10:40:54 changed by anonymous

  • component changed from Admin interface to Template system.

08/02/06 12:00:19 changed by anonymous

  • summary changed from addslashes filter doesn't escape backslashes to [patch] addslashes filter doesn't escape backslashes.

09/07/06 14:40:42 changed by anonymous

  • severity changed from normal to major.

Does nobody want to fix this bug, which is a major bug IMHO? It's very easy to fix it.

09/23/06 03:41:09 changed by mtredinnick

  • status changed from new to closed.
  • resolution set to fixed.

(In [3799]) Fixed #2456 -- Added backslash escaping to addslashes, which is necessary once you start escaping other things. Thanks, tom@eggdrop.ch.

Add/Change #2456 ([patch] addslashes filter doesn't escape backslashes)




Change Properties
Action