mirror of
https://github.com/django/django.git
synced 2024-12-22 09:05:43 +00:00
Refs #25165 -- Removed unnecessary HTML unescaping in admin add/edit popups.
Because we now load data into the page via JSON, we don't need to unescape it anymore.
This commit is contained in:
parent
780bddf75b
commit
cbaa3ee3ee
@ -5,16 +5,6 @@
|
||||
(function($) {
|
||||
'use strict';
|
||||
|
||||
function html_unescape(text) {
|
||||
// Unescape a string that was escaped using django.utils.html.escape.
|
||||
text = text.replace(/</g, '<');
|
||||
text = text.replace(/>/g, '>');
|
||||
text = text.replace(/"/g, '"');
|
||||
text = text.replace(/'/g, "'");
|
||||
text = text.replace(/&/g, '&');
|
||||
return text;
|
||||
}
|
||||
|
||||
// IE doesn't accept periods or dashes in the window name, but the element IDs
|
||||
// we use to generate popup window names may contain them, therefore we map them
|
||||
// to allowed characters in a reversible way so that we can locate the correct
|
||||
@ -84,10 +74,6 @@
|
||||
}
|
||||
|
||||
function dismissAddRelatedObjectPopup(win, newId, newRepr) {
|
||||
// newId and newRepr are expected to have previously been escaped by
|
||||
// django.utils.html.escape.
|
||||
newId = html_unescape(newId);
|
||||
newRepr = html_unescape(newRepr);
|
||||
var name = windowname_to_id(win.name);
|
||||
var elem = document.getElementById(name);
|
||||
if (elem) {
|
||||
@ -113,8 +99,6 @@
|
||||
}
|
||||
|
||||
function dismissChangeRelatedObjectPopup(win, objId, newRepr, newId) {
|
||||
objId = html_unescape(objId);
|
||||
newRepr = html_unescape(newRepr);
|
||||
var id = windowname_to_id(win.name).replace(/^edit_/, '');
|
||||
var selectsSelector = interpolate('#%s, #%s_from, #%s_to', [id, id, id]);
|
||||
var selects = $(selectsSelector);
|
||||
@ -128,7 +112,6 @@
|
||||
}
|
||||
|
||||
function dismissDeleteRelatedObjectPopup(win, objId) {
|
||||
objId = html_unescape(objId);
|
||||
var id = windowname_to_id(win.name).replace(/^delete_/, '');
|
||||
var selectsSelector = interpolate('#%s, #%s_from, #%s_to', [id, id, id]);
|
||||
var selects = $(selectsSelector);
|
||||
@ -141,7 +124,6 @@
|
||||
}
|
||||
|
||||
// Global for testing purposes
|
||||
window.html_unescape = html_unescape;
|
||||
window.id_to_windowname = id_to_windowname;
|
||||
window.windowname_to_id = windowname_to_id;
|
||||
|
||||
|
@ -1,21 +1,10 @@
|
||||
/* global module, test, html_unescape, id_to_windowname,
|
||||
/* global module, test, id_to_windowname,
|
||||
windowname_to_id */
|
||||
/* eslint global-strict: 0, strict: 0 */
|
||||
'use strict';
|
||||
|
||||
module('admin.RelatedObjectLookups');
|
||||
|
||||
test('html_unescape', function(assert) {
|
||||
function assert_unescape(then, expected, message) {
|
||||
assert.equal(html_unescape(then), expected, message);
|
||||
}
|
||||
assert_unescape('<', '<', 'less thans are unescaped');
|
||||
assert_unescape('>', '>', 'greater thans are unescaped');
|
||||
assert_unescape('"', '"', 'double quotes are unescaped');
|
||||
assert_unescape(''', "'", 'single quotes are unescaped');
|
||||
assert_unescape('&', '&', 'ampersands are unescaped');
|
||||
});
|
||||
|
||||
test('id_to_windowname', function(assert) {
|
||||
assert.equal(id_to_windowname('.test'), '__dot__test');
|
||||
assert.equal(id_to_windowname('misc-test'), 'misc__dash__test');
|
||||
|
Loading…
Reference in New Issue
Block a user