stringfilter decorator is incompatible with is_safe / needs_autoescape flags
|Reported by:||aaugustin||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
Description (last modified by aaugustin)
Defining a template filter like this doesn't work:
@register.filter @stringfilter def passthrough(value): return value passthrough.is_safe = True
The problem is that the stringfilter decorator keeps a pointer to the underlying function, and the template engine uses it.
However, the last line only sets is_safe on the function returned by the decorator, not on the underlying function. As a consequence, the template engine doesn't know that the filter is safe.