Tuesday, November 24, 2015

Re: Escaping of help_text in form fields

Perfect !
Thanks Tim !

Le mardi 24 novembre 2015 16:02:21 UTC+1, Tim Graham a écrit :
It's expected behavior and mentioned in the model field help_text docs, but not form field help_text docs. I'll fix that.

https://docs.djangoproject.com/en/stable/ref/models/fields/#django.db.models.Field.help_text

On Tuesday, November 24, 2015 at 9:34:18 AM UTC-5, not...@gmail.com wrote:
Hi !

Just stumbled upon this issue, with django 1.8.6:


from django import forms
from django.template import Template, Context
class A(forms.Form):

    f
= forms.CharField(help_text=u'bli "blo" >', label="bla <")
 
Template("{{form.as_p}}").render(Context({"form": A()}))


# returns:

u
'<p><label for="id_f">bla &lt;:</label> <input id="id_f" name="f" type="text" /> <span class="helptext">bli "blo" ></span></p>'



The label is escaped, but not the help_text.

  • Is that a bug ?
  • or should I mark all my help_text as unsafe ?
I did not find anything relevant in the doc or with google.

Regards,

NotSqrt

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/9814e03a-e7b6-4b54-bb1c-e1ca695fd6b2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment