Opened 17 years ago
Closed 13 years ago
#6474 closed Cleanup/optimization (invalid)
conditional_escape: Try to convert to a string first, then check if SafeData
Reported by: | Thomas Güttler | Owned by: | nobody |
---|---|---|---|
Component: | Uncategorized | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Accepted | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | yes |
Easy pickings: | no | UI/UX: | no |
Description
Hi,
if you try to conditional_escape() an object, which unicode
method returns a SafeString, the SafeStrinng gets escaped (one time to much).
I attached a patch with unittest.
All other tests pass.
Attachments (1)
Change History (7)
by , 17 years ago
Attachment: | utils_conditional_escape.diff added |
---|
comment:1 by , 17 years ago
Triage Stage: | Unreviewed → Accepted |
---|
comment:2 by , 17 years ago
This is derived from newforms.utils.ErrorList: There __unicode__()
returns mark_safe(...), too. There, I discoverd the bug. I just
wanted to keep the unittest self-contained.
# newforms.utils.ErrorList: class ErrorList(list, StrAndUnicode): """ A collection of errors that knows how to display itself in various formats. """ def __unicode__(self): return self.as_ul() def as_ul(self): if not self: return u'' return mark_safe(u'<ul class="errorlist">%s</ul>' % ''.join([u'<li>%s</li>' % force_unicode(e) for e in self]))
comment:3 by , 17 years ago
Cc: | added |
---|
comment:4 by , 14 years ago
Easy pickings: | unset |
---|---|
Patch needs improvement: | set |
Severity: | → Normal |
Type: | → Uncategorized |
utils_conditional_escape.diff fails to apply cleanly on to trunk
comment:5 by , 13 years ago
Type: | Uncategorized → Cleanup/optimization |
---|
comment:6 by , 13 years ago
Cc: | removed |
---|---|
Resolution: | → invalid |
Status: | new → closed |
UI/UX: | unset |
The unittest of the patch still fails, but I (original reporter) close it.
It's fairly dangerous (and I'm not sure it's entirely legal) to have the
__unicode__
method return something that isn't simply a Unicode object.More research required here to determine if this is actually a safe Python practice. If not, the whole issue is moot.