mirror of
https://github.com/django/django.git
synced 2025-10-24 14:16:09 +00:00
Fixed #18634 -- Don't escape variables in the context for startproject/startapp.
The & symbols which can come up in the secret key were being escaped to &.
This commit is contained in:
committed by
Florian Apolloner
parent
59d99772f0
commit
a875f612e0
@@ -0,0 +1 @@
|
||||
# this file uses the {{ extra }} variable
|
@@ -0,0 +1,11 @@
|
||||
from optparse import make_option
|
||||
|
||||
from django.core.management.commands.startproject import Command as BaseCommand
|
||||
|
||||
|
||||
class Command(BaseCommand):
|
||||
option_list = BaseCommand.option_list + (
|
||||
make_option('--extra',
|
||||
action='store', dest='extra',
|
||||
help='An arbitrary extra value passed to the context'),
|
||||
)
|
@@ -1541,6 +1541,24 @@ class StartProject(LiveServerTestCase, AdminScriptTestCase):
|
||||
self.assertIn("project_name = 'another_project'", content)
|
||||
self.assertIn("project_directory = '%s'" % testproject_dir, content)
|
||||
|
||||
def test_no_escaping_of_project_variables(self):
|
||||
"Make sure template context variables are not html escaped"
|
||||
# We're using a custom command so we need the alternate settings
|
||||
self.write_settings('alternate_settings.py')
|
||||
template_path = os.path.join(test_dir, 'admin_scripts', 'custom_templates', 'project_template')
|
||||
args = ['custom_startproject', '--template', template_path, 'another_project', 'project_dir', '--extra', '<&>', '--settings=alternate_settings']
|
||||
testproject_dir = os.path.join(test_dir, 'project_dir')
|
||||
os.mkdir(testproject_dir)
|
||||
out, err = self.run_manage(args)
|
||||
self.addCleanup(shutil.rmtree, testproject_dir)
|
||||
self.assertNoOutput(err)
|
||||
test_manage_py = os.path.join(testproject_dir, 'additional_dir', 'extra.py')
|
||||
with open(test_manage_py, 'r') as fp:
|
||||
content = fp.read()
|
||||
self.assertIn("<&>", content)
|
||||
# tidy up alternate settings
|
||||
self.remove_settings('alternate_settings.py')
|
||||
|
||||
def test_custom_project_destination_missing(self):
|
||||
"""
|
||||
Make sure an exception is raised when the provided
|
||||
|
Reference in New Issue
Block a user