On Wed, 2006-07-19 at 11:19 +1000, Malcolm Tredinnick wrote: > On Tue, 2006-07-18 at 18:03 -0700, SmileyChris wrote: > > > > Malcolm Tredinnick wrote: > > > On Mon, 2006-07-17 at 03:30 -0700, SmileyChris wrote: > > > > A couple of points: > > > > If a markup filter fails due to an import error, I don't think it > > > > should be marked as safe. > > > > > > Why not? The returned result is the empty string in that case and > > > there's certainly no danger of that being presented in the raw. > > > > By the way, I just went and checked this for markup. > > An unfinalized string is returned (not an empty string). So I still > > think it shouldn't be marked as safe on an import error. > > That's just a bug in the patch. A couple of mark_safe() calls also need > escape() wrapped around them. A filter cannot be half-and-half for the > reasons I gave earlier: it would be no better than not having this patch > in at all.
Sorry, that was too categorical. "A filter that is primarily designed to return pre-marked-up data should not be half-and-half," is a better way of saying what I mean. Malcolm --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers -~----------~----~----~----~------~----~------~--~---
