#28121: force_text incorrectly handles SafeBytes under PY3
------------------------------------+--------------------------------------
Reporter: Thomas Achtemichuk | Owner: nobody
Type: Bug | Status: new
Component: Utilities | Version: 1.11
Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------------+--------------------------------------
Changes (by Thomas Achtemichuk):
* version: master => 1.11
Old description:
> Under python 3 & Django 1.8.18, 1.9.13, 1.10.7, 1.11 and master, calling
> `force_text` on an instance of `SafeBytes` causes a `str` to be returned
> rather than an instance of `SafeText`.
>
> {{{
> >>> from django.utils.safestring import SafeBytes, SafeText
> >>> from django.utils.encoding import force_text
> >>> type(force_text(SafeText('')))
> django.utils.safestring.SafeText
> >>> type(force_text(SafeBytes(b'')))
> str
> }}}
>
> This causes byte strings run through `mark_safe` and rendered in a
> template to be incorrectly escaped.
>
> {{{
> >>> from django.template import Template, Context
> >>> from django.utils.safestring import mark_safe
> >>> Template('{{ x }}').render(Context({'x': mark_safe(b'&')}))
> '&'
> >>> Template('{{ x }}').render(Context({'x': mark_safe('&')}))
> '&'
> }}}
New description:
Under python 3 & Django 1.8.18, 1.9.13, 1.10.7, 1.11 and master, calling
`force_text` on an instance of `SafeBytes` causes a `str` to be returned
rather than an instance of `SafeText`.
{{{
>>> from django.utils.safestring import SafeBytes, SafeText
>>> from django.utils.encoding import force_text
>>> type(force_text(SafeText('')))
django.utils.safestring.SafeText
>>> type(force_text(SafeBytes(b'')))
str
}}}
This causes byte strings run through `mark_safe` and rendered in a
template to be incorrectly escaped.
{{{
>>> from django.template import Template, Context
>>> from django.utils.safestring import mark_safe
>>> Template('{{ x }}').render(Context({'x': mark_safe(b'&')}))
'&'
>>> Template('{{ x }}').render(Context({'x': mark_safe('&')}))
'&'
}}}
Edit: This behavior differs from the same code run under PY2:
{{{
>>> type(force_text(SafeBytes(b'&')))
django.utils.safestring.SafeText
}}}
And disagrees with the comment in force_text:
{{{
# Note: We use .decode() here, instead of six.text_type(s,
encoding,
# errors), so that if s is a SafeBytes, it ends up being a
# SafeText at the end.
}}}
--
--
Ticket URL: <https://code.djangoproject.com/ticket/28121#comment:7>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/065.6744c7539400323aec9e0f35432e4b96%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
