#17906: 'firstof' and 'cycle' should autoescape
---------------------------------+------------------------------------
Reporter: anonymous | Owner: nobody
Type: Uncategorized | Status: new
Component: Template system | Version: 1.3
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+------------------------------------
Comment (by russellm):
If the problem can be fixed with a clean implementation of the template
tag in question, we already have a way to smoothly introduce this sort of
backwards incompatible change. We have a template tag library called
"future" that contains updated implementations of core template tags; As
part of a forward compatibility move, you can put:
{{{
{% load cycle from future %}
}}}
at the top of your template, and the new behaviour will be used for the
tag. The base libraries output warnings when they are used (following the
usual Django deprecation pattern); once we've transitioned to the new
tags, the versions in the future library will be deprecated.
The {% url %} and {% ssi %} tags are in the middle of just such a
transition. If we add updated, autoescaping implementations of {% cycle %}
and {% firstof %} to the future library, we can gradually introduce new
behaviour for them, too.
--
Ticket URL: <https://code.djangoproject.com/ticket/17906#comment:4>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
