Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#8959 closed (fixed)

Remove calls to escape in new comments framework templates

Reported by: Jarek Zgoda Owned by: Adrian Holovaty
Component: contrib.comments Version: master
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

As autoescaping is in place with current Django, escaping values in templates is not necessary. Attached patch fixes this.

Attachments (1)

contrib-comments-escaping.diff (5.2 KB) - added by Jarek Zgoda 8 years ago.
Removing calls to escape in templates

Download all attachments as: .zip

Change History (6)

Changed 8 years ago by Jarek Zgoda

Removing calls to escape in templates

comment:1 Changed 8 years ago by Thejaswi Puthraya

Triage Stage: UnreviewedDesign decision needed

True, but I don't see anything wrong with keeping it on. It's better to be safe than never. Marking it DDN for some core-devs to comment on this.

comment:2 Changed 8 years ago by Jarek Zgoda

Sure, nothing wrong. It's just for consistency.

comment:3 Changed 8 years ago by Adrian Holovaty

Owner: changed from nobody to Adrian Holovaty
Status: newassigned
Triage Stage: Design decision neededAccepted

It's worth removing those unnecessary "escape" filters, given that they're redundant and cause a slight be of extra overhead. I will review and check in the patch.

comment:4 Changed 8 years ago by Adrian Holovaty

Resolution: fixed
Status: assignedclosed

(In [9000]) Fixed #8959 -- Removed redundant calls to the 'escape' template filter in the django.contrib.comments templates. Thanks, zgoda

comment:5 Changed 8 years ago by (none)

milestone: post-1.0

Milestone post-1.0 deleted

Note: See TracTickets for help on using tickets.
Back to Top