Re: [Django] #27386: Readonly callable field is unconditionally wrapped inside

...

, which might create invalid HTML (was: Callable field is wrapped inside

...

)

Tue, 25 Oct 2016 15:36:32 -0700 

#27386: Readonly callable field is unconditionally wrapped inside <p>...</p>, 
which
might create invalid HTML
-------------------------------------+-------------------------------------
     Reporter:  Jacob Rief           |                    Owner:  nobody
         Type:                       |                   Status:  new
  Cleanup/optimization               |
    Component:  contrib.admin        |                  Version:  master
     Severity:  Normal               |               Resolution:
     Keywords:  callable field       |             Triage Stage:  Accepted
  is_readonly <p>                    |
    Has patch:  0                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  0
Easy pickings:  0                    |                    UI/UX:  0
-------------------------------------+-------------------------------------
Changes (by Tim Graham):

 * stage:  Unreviewed => Accepted


Old description:

> (Pseudo)-Fields in classes inheriting from
> ``django.contrib.admin.ModelsAdmin`` which are callables, must be listed
> in ``readonly_fields``. This implies that in
> ``admin/includes/fieldset.html`` (line 17) and
> ``admin/edit_inline/tabular.html`` (line 55) the content of this field is
> wrapped inside a paragraph ``<p>{{ field.contents }}</p>``.
>
> However, a ``<p>...</p>`` is not suitable to accept every kind of HTML
> element. Therefore when using a "callable" field, which renders it's
> content in HTML, one might get a surprising result.
>
> Since the author of a callable field may wrap it's content into whatever
> (s)he likes, there should be a way to avoid these wrapping paragraphs.
>
> My proposal is to check if ``field.contents`` is safe text, and if so
> then leave it as-is, or otherwise wrap it  into ``<p>..</p>`` as we do it
> right now.

New description:

 (Pseudo)-Fields in classes inheriting from
 `django.contrib.admin.ModelsAdmin` which are callables, must be listed in
 `readonly_fields`. This implies that in `admin/includes/fieldset.html`
 (line 17) and `admin/edit_inline/tabular.html` (line 55) the content of
 this field is wrapped inside a paragraph `<p>{{ field.contents }}</p>`.

 However, a `<p>...</p>` is not suitable to accept every kind of HTML
 element. Therefore when using a "callable" field, which renders it's
 content in HTML, one might get a surprising result.

 Since the author of a callable field may wrap it's content into whatever
 (s)he likes, there should be a way to avoid these wrapping paragraphs.

 My proposal is to check if `field.contents` is safe text, and if so then
 leave it as-is, or otherwise wrap it  into `<p>..</p>` as we do it right
 now.

--

Comment:

 I'm not sure if the proposal is completely backwards-compatible, but the
 problem seems real.

--
Ticket URL: <https://code.djangoproject.com/ticket/27386#comment:3>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/063.3ee83f109aa56522cd88010e67c0adf1%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to