Opened 14 months ago

Closed 7 months ago

Last modified 7 months ago

#19988 closed Bug (fixed)

django.contrib.humanize : ordinal returns escaped HTML code in some languages

Reported by: maxime.lorant@… Owned by: garrypolley
Component: contrib.humanize Version: 1.5
Severity: Normal Keywords: humanize ordinal html escaped
Cc: garrypolley Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no


Hi guys,

I found that the ordinal filter returns escaped HTML in some languages, due to the translation. In English, the filter make this:

{{ 1|ordinal }} becomes 1st
{{ 2|ordinal }} becomes 2nd

In French, the expected behavior is:

{{ 1|ordinal }} becomes 1er
{{ 2|ordinal }} becomes 2e

However, with Django 1.4 and 1.5 (haven't try with older versions but do we really care now ?), I got:

{{ 1|ordinal }} becomes 1<sup>er</sup>
{{ 2|ordinal }} becomes 2<sup>e</sup>
{{ "2"|ordinal }} becomes 2e (!!!)

As you can see, the HTML is escaped if the argument is a int, and it doesn't if the argument is a string, precisely à SafeString in the filter. I've tried to patch this bug by marking the output string safe, cast the argument in the filter, etc. No success. I think it's possible with a single line, but I hope someone more competent will found this in one second :)

The problem comes from the translation, which can returns HTML in some languages. You can try with LANGUAGE_CODE = 'fr-fr' to test it.

Attachments (0)

Change History (9)

comment:1 Changed 14 months ago by matiasb

  • Needs documentation unset
  • Needs tests unset
  • Owner changed from nobody to matiasb
  • Patch needs improvement unset
  • Status changed from new to assigned
  • Triage Stage changed from Unreviewed to Accepted

comment:2 Changed 13 months ago by matiasb

  • Has patch set

Proposed pull request:
Tests passing for sqlite.

comment:3 Changed 11 months ago by EvilDMP

  • Owner changed from matiasb to EvilDMP

I have marked this ticket as suitable for a first-time committer attending a Don't be afraid to commit workshop.

The next planned session will be hosted by Cardiff Dev Workshop on Saturday 8th June.

If you want to tackle this ticket before then, or at any time in fact, please don't let the fact that it's assigned to me stop you. Feel free to re-assign it to yourself and do whatever you like to it.

comment:4 Changed 7 months ago by garrypolley

  • Owner changed from EvilDMP to garrypolley

Submitted a pull request for this issue.

comment:5 Changed 7 months ago by garrypolley

  • Triage Stage changed from Accepted to Ready for checkin

comment:6 Changed 7 months ago by claudep

  • Triage Stage changed from Ready for checkin to Accepted

Please do not mark your own patch as RFC. Someone else should review it.

comment:7 Changed 7 months ago by garrypolley

  • Cc garrypolley added

comment:8 Changed 7 months ago by Garry Polley <garrympolley@…>

  • Resolution set to fixed
  • Status changed from assigned to closed

In 337bd248a5ac13957b3287ec8bd7a8a4e21be53e:

fixes #19988, allow html in ordinal for humanize

comment:9 Changed 7 months ago by Alex Gaynor <alex.gaynor@…>

In 907f19eba743de3f0720bc2e2cd2fad45b2c0170:

Merge pull request #1565 from garrypolley/#19988-ordinal-html-i18n-fix

fixes #19988, allow html in ordinal for humanize

Add Comment

Modify Ticket

Change Properties
<Author field>
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.