is_safe filter flag

[justincapella@…]

From django/template/base.py:resolve

[code]

if getattr(func, 'is_safe', False) and isinstance(obj, SafeData):

obj = mark_safe(new_obj)

code

The isinstance(obj, SafeData) seems to prevent is_safe flag from having any affect on the output.
Thinking of the use cases we have some function/tag that we want to either have mark_safe called on, or not called on.

imo, this should just be

[code]

if getattr(func, 'is_safe', False):

obj = mark_safe(new_obj)

code

This allows is_safe to have an effect on the outcome... which the current code does not.

[polmuz]

Hi Justin,

I've been going through the code and the docs and that conditional seems to be fine.

The idea is that you may have filter that modifies the input in a safe way but it doesn't return a safe object (e.g. strings are not safe)

@register.filter(is_safe=True)
def add_xx(value):
    return '%sxx' % value

So, if the previous object was safe and the filter is safe then it can
be marked as safe again.

resolve() is doing roughly the following:

# apply the filter
new_obj = add_xx(old_obj)

# check if it's still safe
if filter is_safe and old_obj is_safe:
    mark new_obj as safe too

Here are the docs that describe this behavior ​https://docs.djangoproject.com/en/1.5/howto/custom-template-tags/#filters-auto-escaping

If you have a filter where you know the output will be safe then you can use django.utils.safestring.mark_safe
directly on the output.

I may have not understood the description, so if this is not what you meant, please reopen the ticket!

[anonymous]

Hi, I did misunderstand the intent of the flag. But while I have your attention on the matter-- the code could still be reduced to

if getattr(func, 'is_safe', False):

as the first thing mark_safe does is to see if it is already an instance of SafeData... but perhaps the intent was to prevent the unnesc call. Thanks