Opened 8 years ago
Last modified 8 years ago
#28121 closed Bug
force_text incorrectly handles SafeBytes under PY3 — at Initial Version
| Reported by: | Thomas Achtemichuk | Owned by: | nobody |
|---|---|---|---|
| Component: | Utilities | Version: | 1.11 |
| Severity: | Normal | Keywords: | |
| Cc: | tom@… | Triage Stage: | Unreviewed |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
Under python 3 & Django 1.8.18, 1.9.13, 1.10.7, 1.11 and master, calling force_text on an instance of SafeBytes causes a str to be returned rather than an instance of SafeText.
>>> from django.utils.safestring import SafeBytes, SafeText
>>> from django.utils.encoding import force_text
>>> type(force_text(SafeText('')))
django.utils.safestring.SafeText
>>> type(force_text(SafeBytes(b'')))
str
This causes byte strings run through mark_safe and rendered in a template to be incorrectly escaped.
>>> from django.template import Template, Context
>>> from django.utils.safestring import mark_safe
>>> Template('{{ x }}').render(Context({'x': mark_safe(b'&')}))
'&'
>>> Template('{{ x }}').render(Context({'x': mark_safe('&')}))
'&'
Note:
See TracTickets
for help on using tickets.