Ticket #8041: media-safestrings.diff

File media-safestrings.diff, 4.9 KB (added by ericholscher, 7 years ago)

Simple patch

  • forms/widgets.py

     
    3535            media_attrs = media.__dict__
    3636        else:
    3737            media_attrs = kwargs
    38            
     38
    3939        self._css = {}
    4040        self._js = []
    41        
     41
    4242        for name in MEDIA_TYPES:
    4343            getattr(self, 'add_' + name)(media_attrs.get(name, None))
    4444
    4545        # Any leftover attributes must be invalid.
    4646        # if media_attrs != {}:
    4747        #     raise TypeError, "'class Media' has invalid attribute(s): %s" % ','.join(media_attrs.keys())
    48        
     48
    4949    def __unicode__(self):
    5050        return self.render()
    51        
     51
    5252    def render(self):
    5353        return u'\n'.join(chain(*[getattr(self, 'render_' + name)() for name in MEDIA_TYPES]))
    54        
     54
    5555    def render_js(self):
    56         return [u'<script type="text/javascript" src="%s"></script>' % self.absolute_path(path) for path in self._js]
    57        
     56        return [mark_safe(u'<script type="text/javascript" src="%s"></script>' % conditional_escape(self.absolute_path(path))) for path in self._js]
     57
    5858    def render_css(self):
    5959        # To keep rendering order consistent, we can't just iterate over items().
    6060        # We need to sort the keys, and iterate over the sorted list.
    6161        media = self._css.keys()
    6262        media.sort()
    6363        return chain(*[
    64             [u'<link href="%s" type="text/css" media="%s" rel="stylesheet" />' % (self.absolute_path(path), medium)
    65                     for path in self._css[medium]] 
     64            [mark_safe(u'<link href="%s" type="text/css" media="%s" rel="stylesheet" />' % (conditional_escape(self.absolute_path(path)), medium))
     65                    for path in self._css[medium]]
    6666                for medium in media])
    67        
     67
    6868    def absolute_path(self, path):
    6969        if path.startswith(u'http://') or path.startswith(u'https://') or path.startswith(u'/'):
    7070            return path
     
    7777        raise KeyError('Unknown media type "%s"' % name)
    7878
    7979    def add_js(self, data):
    80         if data:   
     80        if data:
    8181            self._js.extend([path for path in data if path not in self._js])
    82            
     82
    8383    def add_css(self, data):
    8484        if data:
    8585            for medium, paths in data.items():
     
    9999            base = super(cls, self).media
    100100        else:
    101101            base = Media()
    102        
    103         # Get the media definition for this class   
     102
     103        # Get the media definition for this class
    104104        definition = getattr(cls, 'Media', None)
    105105        if definition:
    106106            extend = getattr(definition, 'extend', True)
     
    117117        else:
    118118            return base
    119119    return property(_media)
    120    
     120
    121121class MediaDefiningClass(type):
    122122    "Metaclass for classes that can have media definitions"
    123     def __new__(cls, name, bases, attrs):           
     123    def __new__(cls, name, bases, attrs):
    124124        new_class = super(MediaDefiningClass, cls).__new__(cls, name, bases,
    125125                                                           attrs)
    126126        if 'media' not in attrs:
    127127            new_class.media = media_property(new_class)
    128128        return new_class
    129        
     129
    130130class Widget(object):
    131131    __metaclass__ = MediaDefiningClass
    132132    is_hidden = False          # Determines whether this corresponds to an <input type="hidden">.
     
    264264    def value_from_datadict(self, data, files, name):
    265265        "File widgets take data from FILES, not POST"
    266266        return files.get(name, None)
    267    
     267
    268268    def _has_changed(self, initial, data):
    269269        if data is None:
    270270            return False
     
    410410        if isinstance(data, MultiValueDict):
    411411            return data.getlist(name)
    412412        return data.get(name, None)
    413    
     413
    414414    def _has_changed(self, initial, data):
    415415        if initial is None:
    416416            initial = []
     
    527527                label_for = u' for="%s"' % final_attrs['id']
    528528            else:
    529529                label_for = ''
    530                
     530
    531531            cb = CheckboxInput(final_attrs, check_test=lambda value: value in str_values)
    532532            option_value = force_unicode(option_value)
    533533            rendered_cb = cb.render(name, option_value)
     
    601601
    602602    def value_from_datadict(self, data, files, name):
    603603        return [widget.value_from_datadict(data, files, name + '_%s' % i) for i, widget in enumerate(self.widgets)]
    604    
     604
    605605    def _has_changed(self, initial, data):
    606606        if initial is None:
    607607            initial = [u'' for x in range(0, len(data))]
     
    637637            media = media + w.media
    638638        return media
    639639    media = property(_get_media)
    640    
     640
    641641class SplitDateTimeWidget(MultiWidget):
    642642    """
    643643    A Widget that splits datetime input into two <input type="text"> boxes.
     
    650650        if value:
    651651            return [value.date(), value.time().replace(microsecond=0)]
    652652        return [None, None]
    653 
Back to Top