Ticket #6058: autoescape-kmt.diff

File autoescape-kmt.diff, 5.2 KB (added by Karen Tracey <kmtracey@…>, 17 years ago)

  • django/newforms/widgets.py

     
    528528            if id_:
    529529                final_attrs = dict(final_attrs, id='%s_%s' % (id_, i))
    530530            output.append(widget.render(name + '_%s' % i, widget_value, final_attrs))
    531         return self.format_output(output)
     531        return mark_safe(self.format_output(output))
    532532
    533533    def id_for_label(self, id_):
    534534        # See the comment for RadioSelect.id_for_label()

  • django/contrib/admin/options.py

     
    101101            yield AdminField(self.form, field, is_first=(i == 0))
    102102
    103103    def errors(self):
    104         return u'\n'.join([self.form[f].errors.as_ul() for f in self.fields])
     104        return mark_safe(u'\n'.join([self.form[f].errors.as_ul() for f in self.fields]))
    105105
    106106class AdminField(object):
    107107    def __init__(self, form, field, is_first):
     
    522522            'adminform': adminForm,
    523523            'is_popup': request.REQUEST.has_key('_popup'),
    524524            'show_delete': False,
    525             'media': media,
     525            'media': mark_safe(media),
    526526            'inline_admin_formsets': inline_admin_formsets,
    527527        })
    528528        return self.render_change_form(model, c, add=True)
     
    597597            'object_id': object_id,
    598598            'original': obj,
    599599            'is_popup': request.REQUEST.has_key('_popup'),
    600             'media': media,
     600            'media': mark_safe(media),
    601601            'inline_admin_formsets': inline_admin_formsets,
    602602        })
    603603        return self.render_change_form(model, c, change=True)

  • django/contrib/admin/templatetags/admin_list.py

     
    114114        yield {"text": header,
    115115               "sortable": True,
    116116               "url": cl.get_query_string({ORDER_VAR: i, ORDER_TYPE_VAR: new_order_type}),
    117                "class_attrib": (th_classes and ' class="%s"' % ' '.join(th_classes) or '')}
     117               "class_attrib": mark_safe((th_classes and ' class="%s"' % ' '.join(th_classes) or ''))}
    118118
    119119def _boolean_icon(field_val):
    120120    BOOLEAN_MAPPING = {True: 'yes', False: 'no', None: 'unknown'}

  • django/contrib/admin/views/main.py

     
    1010from django.http import Http404
    1111from django.utils.encoding import force_unicode, smart_str
    1212from django.utils.translation import ugettext
     13from django.utils.safestring import mark_safe
    1314import operator
    1415
    1516try:

  • django/contrib/admin/widgets.py

     
    77from django.utils.text import capfirst
    88from django.utils.translation import ugettext as _
    99from django.conf import settings
     10from django.utils.safestring import mark_safe
    1011
    1112class FilteredSelectMultiple(forms.SelectMultiple):
    1213    """
     
    2829        # API to determine the ID dynamically.
    2930        output.append(u'SelectFilter.init("id_%s", "%s", %s, "%s"); });</script>\n' % \
    3031            (name, self.verbose_name.replace('"', '\\"'), int(self.is_stacked), settings.ADMIN_MEDIA_PREFIX))
    31         return u''.join(output)
     32        return mark_safe(''.join(output))
    3233
    3334class AdminDateWidget(forms.TextInput):
    3435    class Media:
     
    7374        if value:
    7475            output.append('Currently: <a target="_blank" href="%s%s">%s</a> <br>Change: ' % (settings.MEDIA_URL, value, value))
    7576        output.append(super(AdminFileWidget, self).render(name, value, attrs))
    76         return u''.join(output)
     77        return mark_safe(u''.join(output))
    7778
    7879class ForeignKeyRawIdWidget(forms.TextInput):
    7980    """
     
    99100        output.append('<a href="%s%s" class="related-lookup" id="lookup_id_%s" onclick="return showRelatedObjectLookupPopup(this);"> ' % \
    100101            (related_url, url, name))
    101102        output.append('<img src="%simg/admin/selector-search.gif" width="16" height="16" alt="Lookup"></a>' % settings.ADMIN_MEDIA_PREFIX)
    102         return u''.join(output)
     103        return mark_safe(u''.join(output))
    103104        #if self.change: # TODO
    104105            #output.append('&nbsp;<strong>TODO</strong>')
    105106           
     
    148149            output.append(u'<a href="%sadd/" class="add-another" id="add_id_%s" onclick="return showAddAnotherPopup(this);"> ' % \
    149150                (related_url, name))
    150151            output.append(u'<img src="%simg/admin/icon_addlink.gif" width="10" height="10" alt="Add Another"/></a>' % settings.ADMIN_MEDIA_PREFIX)
    151         return u''.join(output)
     152        return mark_safe(u''.join(output))
    152153
    153154    def __deepcopy__(self, memo):
    154155        # There's no reason to deepcopy admin_site, etc, so just return self.
Back to Top