diff options
| author | Tim Graham <timograham@gmail.com> | 2013-10-30 08:11:31 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2013-10-30 08:12:19 -0400 |
| commit | f832f0d2c309ac31bbf3616c34495c48509b0fb3 (patch) | |
| tree | 01b9def62499f308f397f4d546a5644a9b4b19e9 /docs | |
| parent | 9074d2f5f9f32d851eb938418a77bdb24131536f (diff) | |
[1.5.x] Fixed #21316 -- Documented that modifying safe strings makes them unsafe.
Thanks dev@simon.net.nz for the suggestion and vijay_shanker for the patch.
Backport of 1edef50880 from master
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/ref/utils.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/ref/utils.txt b/docs/ref/utils.txt index 5d234e7883..0ef0a838bf 100644 --- a/docs/ref/utils.txt +++ b/docs/ref/utils.txt @@ -746,6 +746,17 @@ appropriate entities. Can be called multiple times on a single string. + String marked safe will become unsafe again if modified. For example:: + + >>> mystr = '<b>Hello World</b> ' + >>> mystr = mark_safe(mystr) + >>> type(mystr) + <class 'django.utils.safestring.SafeBytes'> + + >>> mystr = mystr.strip() # removing whitespace + >>> type(mystr) + <type 'str'> + .. function:: mark_for_escaping(s) Explicitly mark a string as requiring HTML escaping upon output. Has no |
