diff options
| author | Moritz Sichert <moritz.sichert@googlemail.com> | 2015-03-18 21:42:59 +0100 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2015-03-27 20:01:41 -0400 |
| commit | 44a05a8a912596c44f37f050dcde85b45827b3b6 (patch) | |
| tree | 237d32eff118beb88ebbb0c29eaff456978bdbfa /docs/ref | |
| parent | 6a2f46f2381269187195a0f9165a893f54dc01a3 (diff) | |
[1.8.x] Fixed #24469 -- Refined escaping of Django's form elements in non-Django templates.
Backport of 1f2abf784a9fe550959de242d91963b2ad6f7e9c from master
Diffstat (limited to 'docs/ref')
| -rw-r--r-- | docs/ref/utils.txt | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/docs/ref/utils.txt b/docs/ref/utils.txt index c9a68b308e..802bae82b2 100644 --- a/docs/ref/utils.txt +++ b/docs/ref/utils.txt @@ -689,6 +689,19 @@ escaping HTML. .. _str.format: https://docs.python.org/library/stdtypes.html#str.format .. _bleach: https://pypi.python.org/pypi/bleach +.. function:: html_safe() + + .. versionadded:: 1.8 + + The ``__html__()`` method on a class helps non-Django templates detect + classes whose output doesn't require HTML escaping. + + This decorator defines the ``__html__()`` method on the decorated class + by wrapping the ``__unicode__()`` (Python 2) or ``__str__()`` (Python 3) + in :meth:`~django.utils.safestring.mark_safe`. Ensure the ``__unicode__()`` + or ``__str__()`` method does indeed return text that doesn't require HTML + escaping. + ``django.utils.http`` ===================== |
