mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-09-26 12:09:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Fixed #25469 -- Added autoescape option to DjangoTemplates backend.

Browse source 
Thanks Aymeric for the initial patch and Carl for review.
This commit is contained in:
Aaron Elliot Ross 2015-11-08 10:06:07 +01:00 committed by Tim Graham
parent a8f05f405f
commit 19a5f6da32
7 changed files with 60 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

14
docs/ref/templates/api.txt
View file

@ -48,7 +48,7 @@ probably isn't the documentation you're looking for. An instance of the
of that backend and any attribute defaults mentioned below are overridden by
what's passed by :class:`~django.template.backends.django.DjangoTemplates`.
.. class:: Engine(dirs=None, app_dirs=False, context_processors=None, debug=False, loaders=None, string_if_invalid='', file_charset='utf-8', libraries=None, builtins=None)
.. class:: Engine(dirs=None, app_dirs=False, context_processors=None, debug=False, loaders=None, string_if_invalid='', file_charset='utf-8', libraries=None, builtins=None, autoescape=True)
When instantiating an ``Engine`` all arguments must be passed as keyword
arguments:
@ -63,6 +63,18 @@ what's passed by :class:`~django.template.backends.django.DjangoTemplates`.
It defaults to ``False``.
* ``autoescape`` controls whether HTML autoescaping is enabled.
It defaults to ``True``.
.. warning::
Only set it to ``False`` if you're rendering non-HTML templates!
.. versionadded:: 1.10
The ``autoescape`` option was added.
* ``context_processors`` is a list of dotted Python paths to callables
that are used to populate the context when a template is rendered with a
request. These callables take a request object as their argument and

4
docs/releases/1.10.txt
View file

@ -204,7 +204,9 @@ Signals
Templates
^^^^^^^^^
* ...
* Added the ``autoescape`` option to the
:class:`~django.template.backends.django.DjangoTemplates` backend and the
:class:`~django.template.Engine` class.
Tests
^^^^^

13
docs/topics/templates.txt
View file

@ -295,6 +295,19 @@ applications. This generic name was kept for backwards-compatibility.
``DjangoTemplates`` engines accept the following :setting:`OPTIONS
<TEMPLATES-OPTIONS>`:
* ``'autoescape'``: a boolean that controls whether HTML autoescaping is
enabled.
It defaults to ``True``.
.. warning::
Only set it to ``False`` if you're rendering non-HTML templates!
.. versionadded:: 1.10
The ``autoescape`` option was added.
* ``'context_processors'``: a list of dotted Python paths to callables that
are used to populate the context when a template is rendered with a request.
These callables take a request object as their argument and return a