Opened 16 years ago

Closed 12 years ago

#6474 closed Cleanup/optimization (invalid)

conditional_escape: Try to convert to a string first, then check if SafeData

Reported by: Thomas Güttler Owned by: nobody
Component: Uncategorized Version: dev
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description

Hi,

if you try to conditional_escape() an object, which unicode
method returns a SafeString, the SafeStrinng gets escaped (one time to much).

I attached a patch with unittest.

All other tests pass.

Attachments (1)

utils_conditional_escape.diff (1.4 KB ) - added by Thomas Güttler 16 years ago.

Download all attachments as: .zip

Change History (7)

by Thomas Güttler, 16 years ago

comment:1 by Malcolm Tredinnick, 16 years ago

Triage Stage: UnreviewedAccepted

It's fairly dangerous (and I'm not sure it's entirely legal) to have the __unicode__ method return something that isn't simply a Unicode object.

More research required here to determine if this is actually a safe Python practice. If not, the whole issue is moot.

comment:2 by Thomas Güttler, 16 years ago

This is derived from newforms.utils.ErrorList: There __unicode__()
returns mark_safe(...), too. There, I discoverd the bug. I just
wanted to keep the unittest self-contained.

# newforms.utils.ErrorList:
class ErrorList(list, StrAndUnicode):
    """
    A collection of errors that knows how to display itself in various formats.
    """
    def __unicode__(self):
        return self.as_ul()

    def as_ul(self):
        if not self: return u''
        return mark_safe(u'<ul class="errorlist">%s</ul>'
                % ''.join([u'<li>%s</li>' % force_unicode(e) for e in self]))

comment:3 by Thomas Güttler, 16 years ago

Cc: hv@… added

comment:4 by patchhammer, 13 years ago

Easy pickings: unset
Patch needs improvement: set
Severity: Normal
Type: Uncategorized

utils_conditional_escape.diff fails to apply cleanly on to trunk

comment:5 by Julien Phalip, 13 years ago

Type: UncategorizedCleanup/optimization

comment:6 by Thomas Güttler, 12 years ago

Cc: hv@… removed
Resolution: invalid
Status: newclosed
UI/UX: unset

The unittest of the patch still fails, but I (original reporter) close it.

Note: See TracTickets for help on using tickets.
Back to Top