diff options
| author | Tim Graham <timograham@gmail.com> | 2013-10-30 08:11:31 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2013-10-30 08:12:09 -0400 |
| commit | da0c7723fa71f7273d5bd917a6aecc4243232a4e (patch) | |
| tree | 9acc18abdf67ff6da1996354bad9cfa19625980b | |
| parent | aa645d20df05cdbd6ce28ff31f1cf00bd9af1e40 (diff) | |
[1.6.x] Fixed #21316 -- Documented that modifying safe strings makes them unsafe.
Thanks dev@simon.net.nz for the suggestion and vijay_shanker for the patch.
Backport of 1edef50880 from master
| -rw-r--r-- | docs/ref/utils.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/ref/utils.txt b/docs/ref/utils.txt index 22d54d137f..a8b8fc9d7f 100644 --- a/docs/ref/utils.txt +++ b/docs/ref/utils.txt @@ -790,6 +790,17 @@ appropriate entities. Can be called multiple times on a single string. + String marked safe will become unsafe again if modified. For example:: + + >>> mystr = '<b>Hello World</b> ' + >>> mystr = mark_safe(mystr) + >>> type(mystr) + <class 'django.utils.safestring.SafeBytes'> + + >>> mystr = mystr.strip() # removing whitespace + >>> type(mystr) + <type 'str'> + .. function:: mark_for_escaping(s) Explicitly mark a string as requiring HTML escaping upon output. Has no |