Ticket #21316: mark_safe_21316.txt

File mark_safe_21316.txt, 1.5 KB (added by vijay_shanker, 10 years ago)

added a sentence and a code example to how modified strings are not safe

Line 
1diff --git a/docs/ref/utils.txt b/docs/ref/utils.txt
2index e03a775..311871e 100644
3--- a/docs/ref/utils.txt
4+++ b/docs/ref/utils.txt
5@@ -557,16 +557,16 @@ escaping HTML.
6 So, instead of writing:
7
8 .. code-block:: python
9-
10+
11 mark_safe(u"%s <b>%s</b> %s" % (some_html,
12 escape(some_text),
13 escape(some_other_text),
14 ))
15
16 you should instead use:
17-
18+
19 .. code-block:: python
20-
21+
22 format_html(u"{0} <b>{1}</b> {2}",
23 mark_safe(some_html), some_text, some_other_text)
24
25@@ -722,7 +722,7 @@ Functions for working with Python modules.
26 ImproperlyConfigured = import_by_path('django.core.exceptions.ImproperlyConfigured')
27
28 is equivalent to::
29-
30+
31 from django.core.exceptions import ImproperlyConfigured
32
33 ``django.utils.safestring``
34@@ -763,7 +763,19 @@ appropriate entities.
35 object can be used everywhere a string or unicode object is appropriate.
36
37 Can be called multiple times on a single string.
38-
39+ String marked safe will become unsafe again if modified.
40+
41+ For example::
42+
43+ mystr = '<b>Hello World</b> '
44+ mystr = mark_safe(mystr)
45+ type(mystr)
46+ <class 'django.utils.safestring.SafeBytes'>
47+
48+ mystr = mystr.strip() #removing white-spaces
49+ type(mystr)
50+ <type 'str'>
51+
52 .. function:: mark_for_escaping(s)
53
54 Explicitly mark a string as requiring HTML escaping upon output. Has no
Back to Top