summaryrefslogtreecommitdiff
path: root/django
diff options
context:
space:
mode:
authorClaude Paroz <claude@2xlibre.net>2015-03-06 21:56:11 +0100
committerClaude Paroz <claude@2xlibre.net>2015-03-06 22:20:14 +0100
commitec808e807ad711b993f199f6b4165ac6d0e1125b (patch)
tree8a76a9169f1a3da7d0915332b2a3c6f34422eb0f /django
parentceaf31adfff3801f1092a215f73704e15a70e90c (diff)
Fixed urlize regression with entities in query strings
Refs #22267. Thanks Shai Berger for spotting the issue and Tim Graham for the initial patch.
Diffstat (limited to 'django')
-rw-r--r--django/utils/html.py14
1 files changed, 7 insertions, 7 deletions
diff --git a/django/utils/html.py b/django/utils/html.py
index 569ac74e96..63a895b432 100644
--- a/django/utils/html.py
+++ b/django/utils/html.py
@@ -282,17 +282,17 @@ def urlize(text, trim_url_limit=None, nofollow=False, autoescape=False):
smart_urlquote. For example:
http://example.com?x=1&amp;y=&lt;2&gt; => http://example.com?x=1&y=<2>
"""
- if not safe_input:
- return text, text, trail
unescaped = (text + trail).replace(
'&amp;', '&').replace('&lt;', '<').replace(
'&gt;', '>').replace('&quot;', '"').replace('&#39;', "'")
- # ';' in trail can be either trailing punctuation or end-of-entity marker
- if unescaped.endswith(';'):
- return text, unescaped[:-1], trail
- else:
+ if trail and unescaped.endswith(trail):
+ # Remove trail for unescaped if it was not consumed by unescape
+ unescaped = unescaped[:-len(trail)]
+ elif trail == ';':
+ # Trail was consumed by unescape (as end-of-entity marker), move it to text
text += trail
- return text, unescaped, ''
+ trail = ''
+ return text, unescaped, trail
words = word_split_re.split(force_text(text))
for i, word in enumerate(words):