Re: message mark_safe and redirect results in message still showiing with encoded tags

Wed, 24 Aug 2011 05:08:19 -0700 

Great tip!

thanks for this hint, I decided to (mis-)use extra_tags for this
purpose!

I have now implemented the following:

    try:
        # build a safe message
        raise InvalidUserException(message=mark_safe('some <b>safe</b>
message'))
    expect Exception e:
        # test if content is safe, if so: flag message as safe
        extra_tags = None
        if isinstance(e.message, SafeData):
            extra_tags = 'safe'
        messages.error(request, e.message, extra_tags)


And now I can show the message in my template, with the help of an
extra template_tag

        {% if messages %}
        <ul class="messages">
            {% for message in messages %}
            <li{% if message.tags %} class="{{ message.tags }}"{%
endif %}>{{ message|test_safe_tag }}</li>
            {% endfor %}
        </ul>
        {% endif %}


Where test_safe_tag is defined as:

    @register.filter
    def test_safe_tag(message):
        """test if the message contains safe in the extra_tag"""
        if message.extra_tags == "safe":
            message.message = mark_safe(message.message)
        return message

it's not perfect: it generates an extra class in my html (safe), and I
need to perform these extra steps (of performing the testing if it is
safe, to set the extra flag, and when presenting I have to test for
this flag again as well), but at least it is allowed when marked safe!


On 23 aug, 16:48, Andy McKay <a...@clearwind.ca> wrote:
> On 2011-08-23, at 1:08 AM, Leon van der Ree wrote:
>
> > that explains why I experience this issue. However doesn't it suppose
> > to work like this; Why should a safe string become unsafe again after
> > deserialisation? I understand this is a current limitation of the
> > serialisation process, but this is not exactly what you would expect,
> > is it. So in my eyes this is still a bug.
>
> Nothing advertises it would work this way, so its a feature request.
>
> > Are there any known workarounds?
>
> You could store more than a string in the message I bet, for example 
> {'msg':'hello', 'safe':True} and then cope with it when you deserialize.
> --
>   Andy McKay
>   a...@clearwind.ca
>   twitter: @andymckay

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Reply via email to