Ticket #17596: safestring_in_admin_field_label.patch

File safestring_in_admin_field_label.patch, 3.9 KB (added by guettli, 3 years ago)
  • tests/regressiontests/admin_util/tests.py

     
    66from django.contrib import admin
    77from django.contrib.admin.util import (display_for_field, label_for_field,
    88    lookup_field, NestedObjects)
     9from django.contrib.admin import helpers
    910from django.contrib.admin.views.main import EMPTY_CHANGELIST_VALUE
    1011from django.contrib.sites.models import Site
    1112from django.db import models, DEFAULT_DB_ALIAS
    1213from django.test import TestCase
    1314from django.utils import unittest
    1415from django.utils.formats import localize
     16from django import forms
     17from django.utils.html import mark_safe
    1518
    1619from .models import Article, Count, Event, Location
    1720
     
    258261        self.assertTrue(
    259262            unicode(log_entry).startswith('Deleted ')
    260263        )
     264
     265    def test_safestring_in_field_label(self):
     266        # safestring should not be escaped.
     267        class MyForm(forms.Form):
     268            text=forms.CharField(label=mark_safe('<i>text</i>'))
     269            cb=forms.BooleanField(label=mark_safe('<i>cb</i>'))
     270        form=MyForm()
     271        self.assertEqual(helpers.AdminField(form, 'text', is_first=False).label_tag(),
     272                         '<label for="id_text" class="required inline"><i>text</i>:</label>')
     273        self.assertEqual(helpers.AdminField(form, 'cb', is_first=False).label_tag(),
     274                         '<label for="id_cb" class="vCheckboxLabel required inline"><i>cb</i></label>')
     275
     276        # normal strings needs to be escaped.
     277        class MyForm(forms.Form):
     278            text=forms.CharField(label='&text')
     279            cb=forms.BooleanField(label='&cb')
     280        form=MyForm()
     281        self.assertEqual(helpers.AdminField(form, 'text', is_first=False).label_tag(),
     282                         '<label for="id_text" class="required inline">&amp;text:</label>')
     283        self.assertEqual(helpers.AdminField(form, 'cb', is_first=False).label_tag(),
     284                         '<label for="id_cb" class="vCheckboxLabel required inline">&amp;cb</label>')
  • django/forms/forms.py

     
    167167                    # punctuation.
    168168                    if self.label_suffix:
    169169                        if label[-1] not in ':?.!':
    170                             label += self.label_suffix
     170                            label=mark_safe(label + self.label_suffix)
    171171                    label = bf.label_tag(label) or ''
    172172                else:
    173173                    label = ''
     
    503503
    504504        If attrs are given, they're used as HTML attributes on the <label> tag.
    505505        """
    506         contents = contents or conditional_escape(self.label)
     506        if contents is None:
     507            contents=self.label
     508        contents=conditional_escape(contents)
    507509        widget = self.field.widget
    508510        id_ = widget.attrs.get('id') or self.auto_id
    509511        if id_:
  • django/contrib/admin/helpers.py

     
    117117        classes = []
    118118        if self.is_checkbox:
    119119            classes.append(u'vCheckboxLabel')
    120             contents = force_unicode(escape(self.field.label))
    121         else:
    122             contents = force_unicode(escape(self.field.label)) + u':'
     120            contents = force_unicode(self.field.label) # conditional_escape() is called in field.label_tag()
     121        else: 
     122            contents = mark_safe(conditional_escape(force_unicode(self.field.label)) + u':')
    123123        if self.field.field.required:
    124124            classes.append(u'required')
    125125        if not self.is_first:
Back to Top