stringfilter decorator is incompatible with is_safe / needs_autoescape flags
|Reported by:||Aymeric Augustin||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
Description (last modified by )
Defining a template filter like this doesn't work:
@register.filter @stringfilter def passthrough(value): return value passthrough.is_safe = True
The problem is that the
stringfilter decorator keeps a pointer to the underlying function, and the template engine uses it.
However, the last line only sets
is_safe on the function returned by the decorator, not on the underlying function. As a consequence, the template engine doesn't know that the filter is safe.