summaryrefslogtreecommitdiff
path: root/django/utils/html.py
AgeCommit message (Collapse)Author
2014-03-22Improved strip_tags and clarified documentationClaude Paroz
The fact that strip_tags cannot guarantee to really strip all non-safe HTML content was not clear enough. Also see: https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/
2014-03-21Removed fix_ampersands template filter per deprecation timeline.Tim Graham
Also removed related utility functions: * django.utils.html.fix_ampersands * django.utils.html.clean_html
2014-03-08Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warningsClaude Paroz
Thanks Anssi Kääriäinen for the idea and Simon Charette for the review.
2014-03-03Fixed many typos in comments and docstrings.Rodolfo Carvalho
Thanks Piotr Kasprzyk for help with the patch.
2014-03-01Fixed #22130 -- Deprecated fix_ampersands, removed utils.clean_html()Erik Romijn
2013-12-16Removed unnecessary function-level import.Baptiste Mispelon
2013-12-16Removed unnecessary call to force_text in utils.html.clean_html.Vajrasky Kok
Refs #21574
2013-12-14Fixed E127 pep8 warnings.Loic Bistuer
2013-11-28Fixed E125 pep8 warningsChristopher Medrela
2013-11-02Correct flake8 E302 violationsRay Ashman Jr
2013-11-02More attacking E302 violatorsAlex Gaynor
2013-11-02Correct flake8 violation E261Ray Ashman Jr
2013-10-23Fixed #21298 -- Fixed E301 pep8 warningsAlasdair Nicol
2013-10-21Fixed #21288 -- Fixed E126 pep8 warningsAlasdair Nicol
2013-10-15Fixed #7261 -- support for __html__ for library interoperabilityUnai Zalakain
The idea is that if an object implements __html__ which returns a string this is used as HTML representation (eg: on escaping). If the object is a str or unicode subclass and returns itself the object is a safe string type. This is an updated patch based on jbalogh and ivank patches.
2013-09-25Fixed #20364 -- Changed urlize regexes to include quotation marks as punctation.Giles Richard Greenway
Thanks to EmilStenstrom for raising this, and to Chris Piwoński for all of the fixes and most of the tests.
2013-09-06Fixed a number of flake8 errors -- particularly around unused imports and ↵Alex Gaynor
local variables
2013-09-05Took advantage of django.utils.six.moves.urllib.*.Aymeric Augustin
2013-08-30Fixed #20989 -- Removed useless explicit list comprehensions.Simon Charette
2013-07-28Simplified smart_urlquote and added some basic tests.Florian Apolloner
2013-06-19Removed several unused imports.Aymeric Augustin
2013-05-23Fixed #19237 (again) - Made strip_tags consistent between Python versionsClaude Paroz
2013-05-22Fixed #19237 -- Used HTML parser to strip tagsClaude Paroz
The regex method used until now for the strip_tags utility is fast, but subject to flaws and security issues. Consensus and good practice lead use to use a slower but safer method.
2013-05-18Fixed #20246 -- Added non-breaking spaces between values an unitsEmil Stenström
2013-05-17Replaced an antiquated pattern.Aymeric Augustin
Thanks Lennart Regebro for pointing it out.
2013-04-01Fixed #20172 -- Ensured urlize supports IPv4/IPv6 addressesClaude Paroz
Thanks Marc Aymerich for the report and the initial patch.
2013-02-06Improved regex in strip_tagsClaude Paroz
Thanks Pablo Recio for the report. Refs #19237.
2013-01-25Fixed #19577 - Added HTML escaping to admin examples.Tim Graham
Thanks foo@ for the report and Florian Apolloner for the review.
2012-12-03cope with unsplittable urls in smarl_urlquote.Tom Insam
2012-11-24Fixed #19237 -- Improved strip_tags utilityChris Khoo
The previous pattern didn't properly addressed cases where '>' was present inside quoted tag content.
2012-10-31Fixed #19070 -- urlize filter no longer raises exceptions on 2.7Andrew Godwin
Thanks to claudep for the patch.
2012-09-18Use unicode.translate to speed up js escaping.Dave Hall
2012-08-29Replaced many smart_bytes by force_bytesClaude Paroz
In all those occurrences, we didn't care about preserving the lazy status of the strings, but we really wanted to obtain a real bytestring.
2012-08-18[py3] Made 212b9826bd Python 3-friendlyAymeric Augustin
2012-08-18Fixed #14516 -- Extract methods from removetags and slugify template filtersMarc Tamlyn
Patch by @jphalip updated to apply, documentation and release notes added. I've documented strip_tags as well as remove_tags as the difference between the two wouldn't be immediately obvious.
2012-08-11[py3] Re-decoded string after idna encodingClaude Paroz
2012-08-07[py3] Ported django.utils.encoding.Aymeric Augustin
* Renamed smart_unicode to smart_text (but kept the old name under Python 2 for backwards compatibility). * Renamed smart_str to smart_bytes. * Re-introduced smart_str as an alias for smart_text under Python 3 and smart_bytes under Python 2 (which is backwards compatible). Thus smart_str always returns a str objects. * Used the new smart_str in a few places where both Python 2 and 3 want a str.
2012-08-07[py3] Fixed access to dict keys/values/items.Aymeric Augustin
2012-08-03Remove a temporary variable deletion, it's not a big deal and it doesn't ↵Alex Gaynor
exist on python3.
2012-07-25Merge pull request #216 from ljosa/ticket_18644Florian Apolloner
Fixed #18644 -- Made urlize trim trailing period followed by parenthesis
2012-07-22[py3] Updated urllib/urllib2/urlparse imports.Aymeric Augustin
Lots of functions were moved. Use explicit imports in all cases to keey it easy to identify where the functions come from.
2012-07-22[py3] Replaced unicode/str by six.text_type/bytes.Aymeric Augustin
2012-07-17Fixed #18644 -- Made urlize trim trailing period followed by parenthesisVebjorn Ljosa
2012-07-03Added 'format_html' utility for formatting HTML fragments safelyLuke Plant
2012-07-03Documented utils.html.escape and conditional_escapeLuke Plant
2012-06-07Fixed #18269 -- Applied unicode_literals for Python 3 compatibility.Claude Paroz
Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review.
2012-05-19Marked bytestrings with b prefix. Refs #18269Claude Paroz
This is a preparation for unicode literals general usage in Django (Python 3 compatibility).
2012-04-11Fixed #18071 -- Ignored case sensitivity in urlize utility. Thanks ↵Claude Paroz
luke@creaturecreative.com and adamzap for the report and the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17898 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-04Fixed #17592 -- Handle URLs starting with a dot when using urlize. Thanks, ↵Jannis Leidel
Claude Paroz. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17435 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-03Small fix to comments in utils/html.py from [17347]Adrian Holovaty
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17424 bcc190cf-cafb-0310-a4f2-bffc1f526a37