Fixed #6752 -- Corrected the interaction of the safe template filter with other filters. Thanks to Rupe and Alex Gaynor for their work on the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13171 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2025-07-24 05:36:15 +00:00 · 2010-05-09 06:45:21 +00:00 · 2010-05-09 06:45:21 +00:00 · ced4dd2aad
commit ced4dd2aad
parent f9b75db90f
1 changed files with 10 additions and 0 deletions
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@ -1683,6 +1683,16 @@ safe
 Marks a string as not requiring further HTML escaping prior to output. When
 autoescaping is off, this filter has no effect.

+.. note::
+
+    If you are chaining filters, a filter applied after ``safe`` can
+    make the contents unsafe again. For example, the following code
+    prints the variable as is, unescaped:
+
+    .. code-block:: html+django
+
+        {{ var|safe|escape }}
+
 .. templatefilter:: safeseq

 safeseq