mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-05 18:29:11 +00:00
Code Issues 32 Releases Wiki Activity

magic-removal: Fixed #1270 -- Made the escape filter escape single quotes

Browse Source 
git-svn-id: http://code.djangoproject.com/svn/django/branches/magic-removal@2738 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Adrian Holovaty 2006-04-23 22:23:46 +00:00
parent 213b6a6905
commit 980a522f9f
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
django/utils/html.py
View File

@ -25,7 +25,7 @@ def escape(html):
"Returns the given HTML with ampersands, quotes and carets encoded" "Returns the given HTML with ampersands, quotes and carets encoded"
if not isinstance(html, basestring): if not isinstance(html, basestring):
html = str(html) html = str(html)
return html.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;') return html.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&#39;')
def linebreaks(value): def linebreaks(value):
"Converts newlines into <p> and <br />s" "Converts newlines into <p> and <br />s"

3
docs/templates.txt
View File

@ -844,7 +844,8 @@ Escapes a string's HTML. Specifically, it makes these replacements:
* ``"&"`` to ``"&amp;"`` * ``"&"`` to ``"&amp;"``
* ``<`` to ``"&lt;"`` * ``<`` to ``"&lt;"``
* ``>`` to ``"&gt;"`` * ``>`` to ``"&gt;"``
* ``'"'`` (double quote) to ``"&quot;"`` * ``'"'`` (double quote) to ``'&quot;'``
* ``"'"`` (single quote) to ``'&#39;'``
filesizeformat filesizeformat
~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~