| 1 | Index: django/template/defaultfilters.py
|
|---|
| 2 | ===================================================================
|
|---|
| 3 | --- django/template/defaultfilters.py (revision 5061)
|
|---|
| 4 | +++ django/template/defaultfilters.py (working copy)
|
|---|
| 5 | @@ -47,7 +47,7 @@
|
|---|
| 6 |
|
|---|
| 7 | def addslashes(value):
|
|---|
| 8 | "Adds slashes - useful for passing strings to JavaScript, for example."
|
|---|
| 9 | - return value.replace('\\', '\\\\').replace('"', '\\"').replace("'", "\\'")
|
|---|
| 10 | + return value.replace('\\', '\\\\').replace('"', '\\"').replace("'", "\\'").replace("</", "<\\/")
|
|---|
| 11 | addslashes = stringfilter(addslashes)
|
|---|
| 12 |
|
|---|
| 13 | def capfirst(value):
|
|---|
| 14 | Index: tests/regressiontests/defaultfilters/tests.py
|
|---|
| 15 | ===================================================================
|
|---|
| 16 | --- tests/regressiontests/defaultfilters/tests.py (revision 5061)
|
|---|
| 17 | +++ tests/regressiontests/defaultfilters/tests.py (working copy)
|
|---|
| 18 | @@ -40,6 +40,9 @@
|
|---|
| 19 | >>> addslashes(r'\ : backslashes, too')
|
|---|
| 20 | '\\\\ : backslashes, too'
|
|---|
| 21 |
|
|---|
| 22 | +>>> addslashes('<script>alert("make sure close tags are ok")</script>')
|
|---|
| 23 | +'<script>alert(\\"make sure close tags are ok\\")<\\/script>'
|
|---|
| 24 | +
|
|---|
| 25 | >>> capfirst('hello world')
|
|---|
| 26 | 'Hello world'
|
|---|
| 27 |
|
|---|