On Wed, Oct 29, 2008 at 8:35 AM, shabda <[EMAIL PROTECTED]> wrote:
>
> I need to create a custom filter which displays some data from db
> depending on its data type.
>
> My code is something like,
>
> from django.template.defaultfilters import linebreaks, urlize
>
> def filterxx(data)
>
On Oct 31, 8:28 am, Rajesh Dhawan <[EMAIL PROTECTED]> wrote:
> > > > So if these built in filters are marking my strings safe, inspite of
> > > > unsafe data being passed in, should they not handle escaping as well?
>
> > > The problem seems to be that your filter function doesn't mark itself
>
>
> > > So if these built in filters are marking my strings safe, inspite of
> > > unsafe data being passed in, should they not handle escaping as well?
>
> > The problem seems to be that your filter function doesn't mark itself
> > with an is_safe attribute (defaulting it to False). So try
On Oct 30, 6:58 am, Rajesh Dhawan <[EMAIL PROTECTED]> wrote:
> On Oct 30, 1:30 am, shabda <[EMAIL PROTECTED]> wrote:
>
> > So if these built in filters are marking my strings safe, inspite of
> > unsafe data being passed in, should they not handle escaping as well?
>
> The problem seems to be
On Oct 30, 1:30 am, shabda <[EMAIL PROTECTED]> wrote:
> So if these built in filters are marking my strings safe, inspite of
> unsafe data being passed in, should they not handle escaping as well?
The problem seems to be that your filter function doesn't mark itself
with an is_safe attribute
So if these built in filters are marking my strings safe, inspite of
unsafe data being passed in, should they not handle escaping as well?
Rajesh Dhawan wrote:
> On Oct 29, 8:35 am, shabda <[EMAIL PROTECTED]> wrote:
> > I need to create a custom filter which displays some data from db
> >
On Oct 29, 8:35 am, shabda <[EMAIL PROTECTED]> wrote:
> I need to create a custom filter which displays some data from db
> depending on its data type.
>
> My code is something like,
>
> from django.template.defaultfilters import linebreaks, urlize
>
> def filterxx(data)
> return
I need to create a custom filter which displays some data from db
depending on its data type.
My code is something like,
from django.template.defaultfilters import linebreaks, urlize
def filterxx(data)
return linebreaks(urlize(data.value))
My data.value is
Asdfghjkl
alert('hole')
This
8 matches
Mail list logo