Opened 11 years ago

Closed 11 years ago

#6060 closed (duplicate)

newforms-admin widgets need to mark_safe their output

Reported by: Karen Tracey <kmtracey@…> Owned by: nobody
Component: contrib.admin Version: newforms-admin
Severity: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


I use raw_id_fields in newforms-admin and now with the autoescape code merged see escaped html for these fields. Attached patch mark_safe's the output of all (I think I got them all) the widgets in django/contrib/admin/ but I'll admit I believe my app only uses the ForeignKeyRawIdWidget, so I didn't actually verify the fix for the other widgets.

Attachments (1)

safe_widgets.diff (2.7 KB) - added by Karen Tracey <kmtracey@…> 11 years ago.

Download all attachments as: .zip

Change History (2)

Changed 11 years ago by Karen Tracey <kmtracey@…>

Attachment: safe_widgets.diff added

comment:1 Changed 11 years ago by jkocherhans

Resolution: duplicate
Status: newclosed

Closed as a duplicate of #6058. That ticket has a patch that covers this issue and more.

Note: See TracTickets for help on using tickets.
Back to Top