Author: kmtracey
Date: 2008-10-28 14:04:59 -0500 (Tue, 28 Oct 2008)
New Revision: 9292
Modified:
django/branches/releases/1.0.X/
django/branches/releases/1.0.X/django/template/defaultfilters.py
django/branches/releases/1.0.X/docs/howto/custom-template-tags.txt
django/branches/releases/1.0.X/tests/regressiontests/templates/filters.py
Log:
[1.0.X] Fixed #8966 -- Changed is_safe for length_is filter to False, since its
return value is a boolean, not a string.
Thanks Thomas Steinacher, carljm, and SmileyChris.
Backport of r9291 from trunk.
Property changes on: django/branches/releases/1.0.X
___________________________________________________________________
Name: svnmerge-integrated
-
/django/trunk:1-9097,9099-9102,9104-9109,9111,9113-9144,9146-9151,9153-9156,9158-9159,9161-9187,9189-9247,9249-9262,9264-9277,9279-9289
+
/django/trunk:1-9097,9099-9102,9104-9109,9111,9113-9144,9146-9151,9153-9156,9158-9159,9161-9187,9189-9247,9249-9262,9264-9277,9279-9291
Modified: django/branches/releases/1.0.X/django/template/defaultfilters.py
===================================================================
--- django/branches/releases/1.0.X/django/template/defaultfilters.py
2008-10-28 19:00:49 UTC (rev 9291)
+++ django/branches/releases/1.0.X/django/template/defaultfilters.py
2008-10-28 19:04:59 UTC (rev 9292)
@@ -476,7 +476,7 @@
def length_is(value, arg):
"""Returns a boolean of whether the value's length is the argument."""
return len(value) == int(arg)
-length_is.is_safe = True
+length_is.is_safe = False
def random(value):
"""Returns a random item from the list."""
Modified: django/branches/releases/1.0.X/docs/howto/custom-template-tags.txt
===================================================================
--- django/branches/releases/1.0.X/docs/howto/custom-template-tags.txt
2008-10-28 19:00:49 UTC (rev 9291)
+++ django/branches/releases/1.0.X/docs/howto/custom-template-tags.txt
2008-10-28 19:04:59 UTC (rev 9292)
@@ -241,6 +241,12 @@
this tricky, but keep an eye out for any problems like that when
reviewing your code.
+ Marking a filter ``is_safe`` will coerce the filter's return value to
+ a string. If your filter should return a boolean or other non-string
+ value, marking it ``is_safe`` will probably have unintended
+ consequences (such as converting a boolean False to the string
+ 'False').
+
2. Alternatively, your filter code can manually take care of any necessary
escaping. This is necessary when you're introducing new HTML markup into
the result. You want to mark the output as safe from further
Modified:
django/branches/releases/1.0.X/tests/regressiontests/templates/filters.py
===================================================================
--- django/branches/releases/1.0.X/tests/regressiontests/templates/filters.py
2008-10-28 19:00:49 UTC (rev 9291)
+++ django/branches/releases/1.0.X/tests/regressiontests/templates/filters.py
2008-10-28 19:04:59 UTC (rev 9292)
@@ -277,5 +277,9 @@
'escapejs01': (r'{{ a|escapejs }}', {'a': 'testing\r\njavascript
\'string" <b>escaping</b>'}, 'testing\\x0D\\x0Ajavascript \\x27string\\x22
\\x3Cb\\x3Eescaping\\x3C/b\\x3E'),
'escapejs02': (r'{% autoescape off %}{{ a|escapejs }}{% endautoescape
%}', {'a': 'testing\r\njavascript \'string" <b>escaping</b>'},
'testing\\x0D\\x0Ajavascript \\x27string\\x22 \\x3Cb\\x3Eescaping\\x3C/b\\x3E'),
+
+ # Boolean return value from length_is should not be coerced to a string
+ 'lengthis01': (r'{% if "X"|length_is:0 %}Length is 0{% else %}Length
not 0{% endif %}', {}, 'Length not 0'),
+ 'lengthis02': (r'{% if "X"|length_is:1 %}Length is 1{% else %}Length
not 1{% endif %}', {}, 'Length is 1'),
}
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
