mirror of
https://github.com/django/django.git
synced 2025-10-23 21:59:11 +00:00
Fixed #24469 -- Refined escaping of Django's form elements in non-Django templates.
This commit is contained in:
committed by
Tim Graham
parent
dc5b01ad05
commit
1f2abf784a
@@ -657,6 +657,20 @@ escaping HTML.
|
||||
.. _str.format: https://docs.python.org/library/stdtypes.html#str.format
|
||||
.. _bleach: https://pypi.python.org/pypi/bleach
|
||||
|
||||
.. function:: html_safe()
|
||||
|
||||
.. versionadded:: 1.8
|
||||
|
||||
The ``__html__()`` method on a class helps non-Django templates detect
|
||||
classes whose output doesn't require HTML escaping.
|
||||
|
||||
This decorator defines the ``__html__()`` method on the decorated class
|
||||
by wrapping the ``__unicode__()`` (Python 2) or ``__str__()`` (Python 3)
|
||||
in :meth:`~django.utils.safestring.mark_safe`. Ensure the ``__unicode__()``
|
||||
or ``__str__()`` method does indeed return text that doesn't require HTML
|
||||
escaping.
|
||||
|
||||
|
||||
``django.utils.http``
|
||||
=====================
|
||||
|
||||
|
Reference in New Issue
Block a user