mirror of https://github.com/django/django.git synced 2025-03-31 19:46:42 +00:00

Documented utils.html.escape and conditional_escape

Luke Plant 2012-06-30 16:41:51 +01:00
parent cf731a543e
commit f33e150369
2 changed files with 29 additions and 7 deletions


@ -31,11 +31,11 @@ hard_coded_bullets_re = re.compile(r'((?:<p>(?:%s).*?[a-zA-Z].*?</p>\s*)+)' % '|
trailing_empty_content_re = re.compile(r'(?:<p>(?:&nbsp;|\s|<br \/>)*?</p>\s*)+\Z') trailing_empty_content_re = re.compile(r'(?:<p>(?:&nbsp;|\s|<br \/>)*?</p>\s*)+\Z')
del x # Temporary variable del x # Temporary variable
def escape(html): def escape(text):
""" """
Returns the given HTML with ampersands, quotes and angle brackets encoded. Returns the given text with ampersands, quotes and angle brackets encoded for use in HTML.
""" """
return mark_safe(force_unicode(html).replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&#39;')) return mark_safe(force_unicode(text).replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&#39;'))
escape = allow_lazy(escape, unicode) escape = allow_lazy(escape, unicode)
_base_js_escapes = ( _base_js_escapes = (
@ -63,14 +63,14 @@ def escapejs(value):
return value return value
escapejs = allow_lazy(escapejs, unicode) escapejs = allow_lazy(escapejs, unicode)
def conditional_escape(html): def conditional_escape(text):
""" """
Similar to escape(), except that it doesn't operate on pre-escaped strings. Similar to escape(), except that it doesn't operate on pre-escaped strings.
""" """
if isinstance(html, SafeData): if isinstance(text, SafeData):
return html return text
else: else:
return escape(html) return escape(text)
def linebreaks(value, autoescape=False): def linebreaks(value, autoescape=False):
"""Converts newlines into <p> and <br />s.""" """Converts newlines into <p> and <br />s."""


@ -387,6 +387,28 @@ Atom1Feed
input is a proper string, then add support for lazy translation objects at the input is a proper string, then add support for lazy translation objects at the
end. end.
``django.utils.html``
=====================
.. module:: django.utils.html
:synopsis: HTML helper functions
Usually you should build up HTML using Django's templates to make use of its
autoescape mechanism, using the utilities in :mod:`django.utils.safestring`
where appropriate. This module provides some additional low level utilitiesfor
escaping HTML.
.. function:: escape(text)
Returns the given text with ampersands, quotes and angle brackets encoded
for use in HTML. The input is first passed through
:func:`~django.utils.encoding.force_unicode` and the output has
:func:`~django.utils.safestring.mark_safe` applied.
.. function:: conditional_escape(text)
Similar to ``escape()``, except that it doesn't operate on pre-escaped strings,
so it will not double escape.
``django.utils.http`` ``django.utils.http``
===================== =====================