Re: [Django] #9111: form error get escaped on _html_output even if it is a SafeString instance

2008-11-06 Thread Django 
#9111: form error get escaped on _html_output even if it is a SafeString 
instance
---+
  Reporter:  michelts  | Owner:  kmtracey   
   
Status:  assigned  | Milestone: 
   
 Component:  Forms |   Version:  1.0
   
Resolution:|  Keywords:  form error escape safestring 
mark_safe
 Stage:  Accepted  | Has_patch:  1  
   
Needs_docs:  0 |   Needs_tests:  0  
   
Needs_better_patch:  0 |  
---+
Changes (by kmtracey):

  * owner:  kratorius => kmtracey
  * status:  new => assigned

Comment:

 In the future please don't add additional unrelated fixes to existing
 tickets.  This ticket was about escaping of errors, not labels -- fixing
 the label case should have gone into a different ticket to make things
 simpler when reviewing.

 The errors part of this ticket overlaps a bit with #6160, which points out
 a different part of the code where error messages are not escaped.  I'm
 going to deal with both together so that errors are consistently
 conditionally escaped.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en
-~--~~~~--~~--~--~---

Re: [Django] #9111: form error get escaped on _html_output even if it is a SafeString instance

2008-10-21 Thread Django 
#9111: form error get escaped on _html_output even if it is a SafeString 
instance
---+
  Reporter:  michelts  | Owner:  kratorius  
   
Status:  new   | Milestone: 
   
 Component:  Forms |   Version:  1.0
   
Resolution:|  Keywords:  form error escape safestring 
mark_safe
 Stage:  Accepted  | Has_patch:  1  
   
Needs_docs:  0 |   Needs_tests:  0  
   
Needs_better_patch:  0 |  
---+
Changes (by adunar):

 * cc: adunar (added)

Comment:

 As I noted on http://groups.google.com/group/django-
 developers/browse_thread/thread/86fd952b0efc641e , mark_safe should also
 work on labels of form fields. I've updated the patch to also call
 conditional_escape on form labels, and added a regression test for that.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en
-~--~~~~--~~--~--~---

Re: [Django] #9111: form error get escaped on _html_output even if it is a SafeString instance

2008-09-17 Thread Django 
#9111: form error get escaped on _html_output even if it is a SafeString 
instance
---+
  Reporter:  michelts  | Owner:  nobody 
   
Status:  new   | Milestone: 
   
 Component:  Forms |   Version:  1.0
   
Resolution:|  Keywords:  form error escape safestring 
mark_safe
 Stage:  Accepted  | Has_patch:  1  
   
Needs_docs:  0 |   Needs_tests:  0  
   
Needs_better_patch:  0 |  
---+
Changes (by kratorius):

  * has_patch:  0 => 1

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en
-~--~~~~--~~--~--~---

Re: [Django] #9111: form error get escaped on _html_output even if it is a SafeString instance

2008-09-17 Thread Django 
#9111: form error get escaped on _html_output even if it is a SafeString 
instance
---+
  Reporter:  michelts  | Owner:  nobody 
   
Status:  new   | Milestone: 
   
 Component:  Forms |   Version:  1.0
   
Resolution:|  Keywords:  form error escape safestring 
mark_safe
 Stage:  Accepted  | Has_patch:  0  
   
Needs_docs:  0 |   Needs_tests:  0  
   
Needs_better_patch:  0 |  
---+
Changes (by mtredinnick):

  * stage:  Unreviewed => Accepted

Comment:

 This looks like a good change to make. Please also remember to include a
 test that fails beforehand and passes after the change. Probably the best
 place to put the test is in `regressiontests/forms/forms.py`.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en
-~--~~~~--~~--~--~---

Re: [Django] #9111: form error get escaped on _html_output even if it is a SafeString instance

2008-09-16 Thread Django 
#9111: form error get escaped on _html_output even if it is a SafeString 
instance
-+--
  Reporter:  michelts| Owner:  nobody   
 
Status:  new | Milestone:   
 
 Component:  Forms   |   Version:  1.0  
 
Resolution:  |  Keywords:  form error escape safestring 
mark_safe
 Stage:  Unreviewed  | Has_patch:  0
 
Needs_docs:  0   |   Needs_tests:  0
 
Needs_better_patch:  0   |  
-+--
Changes (by michelts):

 * cc: [EMAIL PROTECTED] (added)
  * needs_better_patch:  => 0
  * needs_tests:  => 0
  * needs_docs:  => 0

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en
-~--~~~~--~~--~--~---

[Django] #9111: form error get escaped on _html_output even if it is a SafeString instance

2008-09-16 Thread Django 
#9111: form error get escaped on _html_output even if it is a SafeString 
instance
+---
 Reporter:  michelts|   Owner:  nobody
   Status:  new |   Milestone:
Component:  Forms   | Version:  1.0   
 Keywords:  form error escape safestring mark_safe  |   Stage:  Unreviewed
Has_patch:  0   |  
+---
 Hi guys,

 When I define a form and call it on a template like:

 {{{
 {{ form }}
 }}}

 The function as_table is called. The function calls _html_output to
 render the widget, the errors and help messages. They are in
 django.forms.forms module.

 The error is escaped with django.utils.html.escape function but I
 think django.utils.html.conditional_escape should be used instead. This
 way,
 if I pass a !SafeString instance to a forms.!ValidationError exception,
 I can include html code on it.

 This error isn't raised if I write a template like:

 {{{
 {{ form.field.errors }}{{ form.field }}
 }}}

 What about to change escape to conditional_escape in all the module? I can
 send a patch if you agree...

 Best regards!

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en
-~--~~~~--~~--~--~---