mirror of
https://github.com/django/django.git
synced 2025-07-22 20:55:17 +00:00
Fixed #24469 -- Refined escaping of Django's form elements in non-Django templates.
This commit is contained in:
parent
dc5b01ad05
commit
1f2abf784a
15 changed files with 198 additions and 21 deletions
|
@ -18,7 +18,7 @@ from django.utils.encoding import (
|
|||
force_str, force_text, python_2_unicode_compatible,
|
||||
)
|
||||
from django.utils.formats import get_format
|
||||
from django.utils.html import conditional_escape, format_html
|
||||
from django.utils.html import conditional_escape, format_html, html_safe
|
||||
from django.utils.safestring import mark_safe
|
||||
from django.utils.six.moves import range
|
||||
from django.utils.six.moves.urllib.parse import urljoin
|
||||
|
@ -37,6 +37,7 @@ __all__ = (
|
|||
MEDIA_TYPES = ('css', 'js')
|
||||
|
||||
|
||||
@html_safe
|
||||
@python_2_unicode_compatible
|
||||
class Media(object):
|
||||
def __init__(self, media=None, **kwargs):
|
||||
|
@ -51,9 +52,6 @@ class Media(object):
|
|||
for name in MEDIA_TYPES:
|
||||
getattr(self, 'add_' + name)(media_attrs.get(name, None))
|
||||
|
||||
def __html__(self):
|
||||
return force_text(self)
|
||||
|
||||
def __str__(self):
|
||||
return self.render()
|
||||
|
||||
|
@ -159,6 +157,7 @@ class MediaDefiningClass(type):
|
|||
return new_class
|
||||
|
||||
|
||||
@html_safe
|
||||
@python_2_unicode_compatible
|
||||
class SubWidget(object):
|
||||
"""
|
||||
|
@ -602,6 +601,7 @@ class SelectMultiple(Select):
|
|||
return data.get(name, None)
|
||||
|
||||
|
||||
@html_safe
|
||||
@python_2_unicode_compatible
|
||||
class ChoiceInput(SubWidget):
|
||||
"""
|
||||
|
@ -667,6 +667,7 @@ class CheckboxChoiceInput(ChoiceInput):
|
|||
return self.choice_value in self.value
|
||||
|
||||
|
||||
@html_safe
|
||||
@python_2_unicode_compatible
|
||||
class ChoiceFieldRenderer(object):
|
||||
"""
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue