<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>django.utils.safestring — Django 1.6.7 documentation</title>
<link rel="stylesheet" href="../../../_static/default.css" type="text/css" />
<link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: '../../../',
VERSION: '1.6.7',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="../../../_static/jquery.js"></script>
<script type="text/javascript" src="../../../_static/underscore.js"></script>
<script type="text/javascript" src="../../../_static/doctools.js"></script>
<link rel="top" title="Django 1.6.7 documentation" href="../../../index.html" />
<link rel="up" title="Module code" href="../../index.html" />
<script type="text/javascript" src="../../../templatebuiltins.js"></script>
<script type="text/javascript">
(function($) {
if (!django_template_builtins) {
// templatebuiltins.js missing, do nothing.
return;
}
$(document).ready(function() {
// Hyperlink Django template tags and filters
var base = "../../../ref/templates/builtins.html";
if (base == "#") {
// Special case for builtins.html itself
base = "";
}
// Tags are keywords, class '.k'
$("div.highlight\\-html\\+django span.k").each(function(i, elem) {
var tagname = $(elem).text();
if ($.inArray(tagname, django_template_builtins.ttags) != -1) {
var fragment = tagname.replace(/_/, '-');
$(elem).html("<a href='" + base + "#" + fragment + "'>" + tagname + "</a>");
}
});
// Filters are functions, class '.nf'
$("div.highlight\\-html\\+django span.nf").each(function(i, elem) {
var filtername = $(elem).text();
if ($.inArray(filtername, django_template_builtins.tfilters) != -1) {
var fragment = filtername.replace(/_/, '-');
$(elem).html("<a href='" + base + "#" + fragment + "'>" + filtername + "</a>");
}
});
});
})(jQuery);
</script>
</head>
<body>
<div class="document">
<div id="custom-doc" class="yui-t6">
<div id="hd">
<h1><a href="../../../index.html">Django 1.6.7 documentation</a></h1>
<div id="global-nav">
<a title="Home page" href="../../../index.html">Home</a> |
<a title="Table of contents" href="../../../contents.html">Table of contents</a> |
<a title="Global index" href="../../../genindex.html">Index</a> |
<a title="Module index" href="../../../py-modindex.html">Modules</a>
</div>
<div class="nav">
<a href="../../index.html" title="Module code" accesskey="U">up</a></div>
</div>
<div id="bd">
<div id="yui-main">
<div class="yui-b">
<div class="yui-g" id="_modules-django-utils-safestring">
<h1>Source code for django.utils.safestring</h1><div class="highlight"><pre>
<span class="sd">"""</span>
<span class="sd">Functions for working with "safe strings": strings that can be displayed safely</span>
<span class="sd">without further escaping in HTML. Marking something as a "safe string" means</span>
<span class="sd">that the producer of the string has already turned characters that should not</span>
<span class="sd">be interpreted by the HTML engine (e.g. '<') into the appropriate entities.</span>
<span class="sd">"""</span>
<span class="kn">from</span> <span class="nn">django.utils.functional</span> <span class="kn">import</span> <span class="n">curry</span><span class="p">,</span> <span class="n">Promise</span>
<span class="kn">from</span> <span class="nn">django.utils</span> <span class="kn">import</span> <span class="n">six</span>
<span class="k">class</span> <span class="nc">EscapeData</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
<span class="k">pass</span>
<span class="k">class</span> <span class="nc">EscapeBytes</span><span class="p">(</span><span class="nb">bytes</span><span class="p">,</span> <span class="n">EscapeData</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> A byte string that should be HTML-escaped when output.</span>
<span class="sd"> """</span>
<span class="k">pass</span>
<span class="k">class</span> <span class="nc">EscapeText</span><span class="p">(</span><span class="n">six</span><span class="o">.</span><span class="n">text_type</span><span class="p">,</span> <span class="n">EscapeData</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> A unicode string object that should be HTML-escaped when output.</span>
<span class="sd"> """</span>
<span class="k">pass</span>
<span class="k">if</span> <span class="n">six</span><span class="o">.</span><span class="n">PY3</span><span class="p">:</span>
<span class="n">EscapeString</span> <span class="o">=</span> <span class="n">EscapeText</span>
<span class="k">else</span><span class="p">:</span>
<span class="n">EscapeString</span> <span class="o">=</span> <span class="n">EscapeBytes</span>
<span class="c"># backwards compatibility for Python 2</span>
<span class="n">EscapeUnicode</span> <span class="o">=</span> <span class="n">EscapeText</span>
<span class="k">class</span> <span class="nc">SafeData</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
<span class="k">pass</span>
<div class="viewcode-block" id="SafeBytes"><a class="viewcode-back" href="../../../ref/utils.html#django.utils.safestring.SafeBytes">[docs]</a><span class="k">class</span> <span class="nc">SafeBytes</span><span class="p">(</span><span class="nb">bytes</span><span class="p">,</span> <span class="n">SafeData</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> A bytes subclass that has been specifically marked as "safe" (requires no</span>
<span class="sd"> further escaping) for HTML output purposes.</span>
<span class="sd"> """</span>
<span class="k">def</span> <span class="nf">__add__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">rhs</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> Concatenating a safe byte string with another safe byte string or safe</span>
<span class="sd"> unicode string is safe. Otherwise, the result is no longer safe.</span>
<span class="sd"> """</span>
<span class="n">t</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">SafeBytes</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">__add__</span><span class="p">(</span><span class="n">rhs</span><span class="p">)</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">rhs</span><span class="p">,</span> <span class="n">SafeText</span><span class="p">):</span>
<span class="k">return</span> <span class="n">SafeText</span><span class="p">(</span><span class="n">t</span><span class="p">)</span>
<span class="k">elif</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">rhs</span><span class="p">,</span> <span class="n">SafeBytes</span><span class="p">):</span>
<span class="k">return</span> <span class="n">SafeBytes</span><span class="p">(</span><span class="n">t</span><span class="p">)</span>
<span class="k">return</span> <span class="n">t</span>
<span class="k">def</span> <span class="nf">_proxy_method</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="o">*</span><span class="n">args</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> Wrap a call to a normal unicode method up so that we return safe</span>
<span class="sd"> results. The method that is being wrapped is passed in the 'method'</span>
<span class="sd"> argument.</span>
<span class="sd"> """</span>
<span class="n">method</span> <span class="o">=</span> <span class="n">kwargs</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="s">'method'</span><span class="p">)</span>
<span class="n">data</span> <span class="o">=</span> <span class="n">method</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="o">*</span><span class="n">args</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">)</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">):</span>
<span class="k">return</span> <span class="n">SafeBytes</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">return</span> <span class="n">SafeText</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
<span class="n">decode</span> <span class="o">=</span> <span class="n">curry</span><span class="p">(</span><span class="n">_proxy_method</span><span class="p">,</span> <span class="n">method</span><span class="o">=</span><span class="nb">bytes</span><span class="o">.</span><span class="n">decode</span><span class="p">)</span>
</div>
<div class="viewcode-block" id="SafeText"><a class="viewcode-back" href="../../../ref/utils.html#django.utils.safestring.SafeText">[docs]</a><span class="k">class</span> <span class="nc">SafeText</span><span class="p">(</span><span class="n">six</span><span class="o">.</span><span class="n">text_type</span><span class="p">,</span> <span class="n">SafeData</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> A unicode (Python 2) / str (Python 3) subclass that has been specifically</span>
<span class="sd"> marked as "safe" for HTML output purposes.</span>
<span class="sd"> """</span>
<span class="k">def</span> <span class="nf">__add__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">rhs</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> Concatenating a safe unicode string with another safe byte string or</span>
<span class="sd"> safe unicode string is safe. Otherwise, the result is no longer safe.</span>
<span class="sd"> """</span>
<span class="n">t</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">SafeText</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">__add__</span><span class="p">(</span><span class="n">rhs</span><span class="p">)</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">rhs</span><span class="p">,</span> <span class="n">SafeData</span><span class="p">):</span>
<span class="k">return</span> <span class="n">SafeText</span><span class="p">(</span><span class="n">t</span><span class="p">)</span>
<span class="k">return</span> <span class="n">t</span>
<span class="k">def</span> <span class="nf">_proxy_method</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="o">*</span><span class="n">args</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> Wrap a call to a normal unicode method up so that we return safe</span>
<span class="sd"> results. The method that is being wrapped is passed in the 'method'</span>
<span class="sd"> argument.</span>
<span class="sd"> """</span>
<span class="n">method</span> <span class="o">=</span> <span class="n">kwargs</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="s">'method'</span><span class="p">)</span>
<span class="n">data</span> <span class="o">=</span> <span class="n">method</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="o">*</span><span class="n">args</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">)</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">):</span>
<span class="k">return</span> <span class="n">SafeBytes</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">return</span> <span class="n">SafeText</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
<span class="n">encode</span> <span class="o">=</span> <span class="n">curry</span><span class="p">(</span><span class="n">_proxy_method</span><span class="p">,</span> <span class="n">method</span><span class="o">=</span><span class="n">six</span><span class="o">.</span><span class="n">text_type</span><span class="o">.</span><span class="n">encode</span><span class="p">)</span>
</div>
<span class="k">if</span> <span class="n">six</span><span class="o">.</span><span class="n">PY3</span><span class="p">:</span>
<span class="n">SafeString</span> <span class="o">=</span> <span class="n">SafeText</span>
<span class="k">else</span><span class="p">:</span>
<span class="n">SafeString</span> <span class="o">=</span> <span class="n">SafeBytes</span>
<span class="c"># backwards compatibility for Python 2</span>
<span class="n">SafeUnicode</span> <span class="o">=</span> <span class="n">SafeText</span>
<div class="viewcode-block" id="mark_safe"><a class="viewcode-back" href="../../../ref/utils.html#django.utils.safestring.mark_safe">[docs]</a><span class="k">def</span> <span class="nf">mark_safe</span><span class="p">(</span><span class="n">s</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> Explicitly mark a string as safe for (HTML) output purposes. The returned</span>
<span class="sd"> object can be used everywhere a string or unicode object is appropriate.</span>
<span class="sd"> Can be called multiple times on a single string.</span>
<span class="sd"> """</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">s</span><span class="p">,</span> <span class="n">SafeData</span><span class="p">):</span>
<span class="k">return</span> <span class="n">s</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">s</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">)</span> <span class="ow">or</span> <span class="p">(</span><span class="nb">isinstance</span><span class="p">(</span><span class="n">s</span><span class="p">,</span> <span class="n">Promise</span><span class="p">)</span> <span class="ow">and</span> <span class="n">s</span><span class="o">.</span><span class="n">_delegate_bytes</span><span class="p">):</span>
<span class="k">return</span> <span class="n">SafeBytes</span><span class="p">(</span><span class="n">s</span><span class="p">)</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">s</span><span class="p">,</span> <span class="p">(</span><span class="n">six</span><span class="o">.</span><span class="n">text_type</span><span class="p">,</span> <span class="n">Promise</span><span class="p">)):</span>
<span class="k">return</span> <span class="n">SafeText</span><span class="p">(</span><span class="n">s</span><span class="p">)</span>
<span class="k">return</span> <span class="n">SafeString</span><span class="p">(</span><span class="nb">str</span><span class="p">(</span><span class="n">s</span><span class="p">))</span>
</div>
<div class="viewcode-block" id="mark_for_escaping"><a class="viewcode-back" href="../../../ref/utils.html#django.utils.safestring.mark_for_escaping">[docs]</a><span class="k">def</span> <span class="nf">mark_for_escaping</span><span class="p">(</span><span class="n">s</span><span class="p">):</span>
<span class="sd">"""</span>
<span class="sd"> Explicitly mark a string as requiring HTML escaping upon output. Has no</span>
<span class="sd"> effect on SafeData subclasses.</span>
<span class="sd"> Can be called multiple times on a single string (the resulting escaping is</span>
<span class="sd"> only applied once).</span>
<span class="sd"> """</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">s</span><span class="p">,</span> <span class="p">(</span><span class="n">SafeData</span><span class="p">,</span> <span class="n">EscapeData</span><span class="p">)):</span>
<span class="k">return</span> <span class="n">s</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">s</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">)</span> <span class="ow">or</span> <span class="p">(</span><span class="nb">isinstance</span><span class="p">(</span><span class="n">s</span><span class="p">,</span> <span class="n">Promise</span><span class="p">)</span> <span class="ow">and</span> <span class="n">s</span><span class="o">.</span><span class="n">_delegate_bytes</span><span class="p">):</span>
<span class="k">return</span> <span class="n">EscapeBytes</span><span class="p">(</span><span class="n">s</span><span class="p">)</span>
<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">s</span><span class="p">,</span> <span class="p">(</span><span class="n">six</span><span class="o">.</span><span class="n">text_type</span><span class="p">,</span> <span class="n">Promise</span><span class="p">)):</span>
<span class="k">return</span> <span class="n">EscapeText</span><span class="p">(</span><span class="n">s</span><span class="p">)</span>
<span class="k">return</span> <span class="n">EscapeBytes</span><span class="p">(</span><span class="nb">bytes</span><span class="p">(</span><span class="n">s</span><span class="p">))</span>
</pre></div></div>
</div>
</div>
</div>
<div class="yui-b" id="sidebar">
<div class="sphinxsidebar">
<div class="sphinxsidebarwrapper">
<h3>Browse</h3>
<ul>
</ul>
<h3>You are here:</h3>
<ul>
<li>
<a href="../../../index.html">Django 1.6.7 documentation</a>
<ul><li><a href="../../index.html">Module code</a>
<ul><li>django.utils.safestring</li></ul>
</li></ul>
</li>
</ul>
<div id="searchbox" style="display: none">
<h3>Quick search</h3>
<form class="search" action="../../../search.html" method="get">
<input type="text" name="q" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<h3>Last update:</h3>
<p class="topless">Sep 26, 2014</p>
</div>
</div>
<div id="ft">
<div class="nav">
<a href="../../index.html" title="Module code" accesskey="U">up</a></div>
</div>
</div>
<div class="clearer"></div>
</div>
</body>
</html>
