Commit 2f0e0eee authored by Tim Graham's avatar Tim Graham

Fixed #24046 -- Deprecated the "escape" half of utils.safestring.

parent c3e10869
+15 −1
@@ -54,6 +54,7 @@ from __future__ import unicode_literals
import inspect
import logging
import re
import warnings

from django.template.context import (  # NOQA: imported for backwards compatibility
    BaseContext, Context, ContextPopException, RequestContext,
@@ -722,6 +723,7 @@ class FilterExpression(object):
                        obj = string_if_invalid
        else:
            obj = self.var
        escape_isnt_last_filter = True
        for func, args in self.filters:
            arg_vals = []
            for lookup, arg in args:
@@ -738,9 +740,21 @@ class FilterExpression(object):
            if getattr(func, 'is_safe', False) and isinstance(obj, SafeData):
                obj = mark_safe(new_obj)
            elif isinstance(obj, EscapeData):
                with warnings.catch_warnings():
                    # Ignore mark_for_escaping deprecation as this will be
                    # removed in Django 2.0.
                    warnings.simplefilter('ignore', category=RemovedInDjango20Warning)
                    obj = mark_for_escaping(new_obj)
                    escape_isnt_last_filter = False
            else:
                obj = new_obj
        if not escape_isnt_last_filter:
            warnings.warn(
                "escape isn't the last filter in %s and will be applied "
                "immediately in Django 2.0 so the output may change."
                % [func.__name__ for func, _ in self.filters],
                RemovedInDjango20Warning, stacklevel=2
            )
        return obj

    def args_check(name, func, provided):
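Review bot: The flag `escape_isnt_last_filter` is named the opposite of what it holds: it starts as `True`, is set to `False` when a filter runs on an `EscapeData` input, and the warning fires on `if not escape_isnt_last_filter`, so `False` is the state in which escape is not last. Renaming it to `escape_is_last_filter` in the second and third hunks would make those three lines read correctly without changing behaviour. The `elif isinstance(obj, EscapeData)` branch also appears to be taken when the resolved variable was already `EscapeData` before any filter ran, in which case the message blames an `escape` filter that may not be in the chain. A comment such as `# also reached when the variable itself was passed through mark_for_escaping()` would help whoever triages the warning. The enclosing `FilterExpression` method begins above these hunks, so this is based only on the visible lines.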
+7 −1
@@ -3,6 +3,7 @@ from __future__ import unicode_literals

import random as random_module
import re
import warnings
from decimal import ROUND_HALF_UP, Context, Decimal, InvalidOperation
from functools import wraps
from operator import itemgetter
@@ -10,6 +11,7 @@ from pprint import pformat

from django.utils import formats, six
from django.utils.dateformat import format, time_format
from django.utils.deprecation import RemovedInDjango20Warning
from django.utils.encoding import force_text, iri_to_uri
from django.utils.html import (
    avoid_wrapping, conditional_escape, escape, escapejs, linebreaks,
@@ -439,6 +441,10 @@ def escape_filter(value):
    """
    Marks the value as a string that should be auto-escaped.
    """
    with warnings.catch_warnings():
        # Ignore mark_for_escaping deprecation -- this will use
        # conditional_escape() in Django 2.0.
        warnings.simplefilter('ignore', category=RemovedInDjango20Warning)
        return mark_for_escaping(value)


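Review bot: `warnings.catch_warnings()` in `escape_filter` replaces and later restores the process-wide warnings filter list, and the standard library documents it as not thread-safe. On a threaded server, concurrent renders can interleave so that one thread's `simplefilter('ignore', category=RemovedInDjango20Warning)` suppresses a deprecation warning raised in another thread, or a saved filter list is restored out of order. The same pattern sits inside the per-filter loop of the `FilterExpression` method patched in the first file, where it also runs once per filter on the render path. A comment such as `# catch_warnings() mutates global filter state and is not thread-safe; tolerated until the 2.0 removal` would record the trade-off. Alternatively, the internal callers could use a private non-warning helper that `mark_for_escaping()` wraps, so no suppression is needed.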
+4 −0
@@ -4,7 +4,10 @@ without further escaping in HTML. Marking something as a "safe string" means
that the producer of the string has already turned characters that should not
be interpreted by the HTML engine (e.g. '<') into the appropriate entities.
"""
import warnings

from django.utils import six
from django.utils.deprecation import RemovedInDjango20Warning
from django.utils.functional import Promise, curry


@@ -138,6 +141,7 @@ def mark_for_escaping(s):
    Can be called multiple times on a single string (the resulting escaping is
    only applied once).
    """
    warnings.warn('mark_for_escaping() is deprecated.', RemovedInDjango20Warning)
    if hasattr(s, '__html__') or isinstance(s, EscapeData):
        return s
    if isinstance(s, bytes) or (isinstance(s, Promise) and s._delegate_bytes):
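Review bot: The new `warnings.warn(...)` call in `mark_for_escaping()` passes no `stacklevel`, so every deprecation warning is attributed to this line in the safestring module rather than to the code that called the function. With the default once-per-location filtering, only the first caller in a process would be reported and the rest stay hidden. I would write `warnings.warn('mark_for_escaping() is deprecated.', RemovedInDjango20Warning, stacklevel=2)`. The message could also name what to use instead; the deprecation notes in this commit point to `django.utils.html.conditional_escape()`. The function body continues below the hunk.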
+0 −9
@@ -210,15 +210,6 @@ passed around inside the template code:
          # Do something with the "safe" string.
          ...

* **Strings marked as "needing escaping"** are *always* escaped on
  output, regardless of whether they are in an :ttag:`autoescape` block or
  not. These strings are only escaped once, however, even if auto-escaping
  applies.

  Internally, these strings are of type ``EscapeBytes`` or
  ``EscapeText``. Generally you don't have to worry about these; they
  exist for the implementation of the :tfilter:`escape` filter.

Template filter code falls into one of two situations:

1. Your filter does not introduce any HTML-unsafe characters (``<``, ``>``,
+7 −0
@@ -168,6 +168,13 @@ details on these changes.
* ``FileField`` methods ``get_directory_name()`` and ``get_filename()`` will be
  removed.

* The ``mark_for_escaping()`` function and the classes it uses: ``EscapeData``,
  ``EscapeBytes``, ``EscapeText``, ``EscapeString``, and ``EscapeUnicode`` will
  be removed.

* The ``escape`` filter will change to use
  ``django.utils.html.conditional_escape()``.

.. _deprecation-removed-in-1.10:

1.10