Opened 4 years ago

Closed 3 years ago

#15683 closed Cleanup/optimization (fixed)

the force_escpe filter should not call mark_safe

Reported by: tyrion Owned by: marcosmoyano
Component: Template system Version: 1.3
Severity: Normal Keywords: force_escape mark_safe
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: yes Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

in template.defaultfilters.force_escape you are explicitly calling mark_safe on the value returned by utils.html.escape, but escape already calls mark_safe on the string it returns
http://code.djangoproject.com/browser/django/trunk/django/utils/html.py#L30
http://code.djangoproject.com/browser/django/trunk/django/template/defaultfilters.py#L391

I reported this on #django-dev and got answered:

<carljm> tyrion-mx: indeed, i think the mark_safe in force_escape is unnecessary. though also harmless - it costs exactly one function call and one isinstance check.

Attachments (1)

ticket_15683.patch (450 bytes) - added by marcosmoyano 4 years ago.
remove marke_safe

Download all attachments as: .zip

Change History (10)

comment:1 Changed 4 years ago by lukeplant

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Triage Stage changed from Unreviewed to Accepted

Changed 4 years ago by marcosmoyano

remove marke_safe

comment:2 Changed 4 years ago by marcosmoyano

  • Owner changed from nobody to marcosmoyano
  • Status changed from new to assigned

comment:3 Changed 4 years ago by marcosmoyano

  • Has patch set
  • Needs tests set

comment:4 Changed 4 years ago by lukeplant

  • Type set to Cleanup/optimization

comment:5 Changed 4 years ago by lukeplant

  • Severity set to Normal

comment:6 Changed 4 years ago by jezdez

  • Easy pickings unset
  • Triage Stage changed from Accepted to Ready for checkin

comment:7 Changed 4 years ago by jezdez

  • Triage Stage changed from Ready for checkin to Accepted

back to accepted since tests are missing..

comment:8 Changed 3 years ago by aaugustin

  • UI/UX unset

Change UI/UX from NULL to False.

comment:9 Changed 3 years ago by claudep

  • Resolution set to fixed
  • Status changed from assigned to closed

In [17876]:

Fixed #15683 -- Prevented escaped string to be needlessly marked safe twice in force_escape filter. Thanks tyrion for the initial patch.

Note: See TracTickets for help on using tickets.
Back to Top