[Django] #34577: New template filter `escapeseq`

18 views
Skip to first unread message

Django

unread,
May 18, 2023, 12:30:35 PM5/18/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
-------------------------------------------+------------------------
Reporter: Natalia Bidart | Owner: nobody
Type: New feature | Status: new
Component: Template system | Version: dev
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------------+------------------------
Following #34574, and after some conversations within the security team,
it seems appropriate to provide a new template filter `escapeseq` which
would be to `escape` what `safeseq` is to `safe`. An example of usage
would be:

{{{
{{ some_list|escapeseq|join:"," }}
}}}

where each item of `some_list` is escaped before applying the join
operation. This usage makes sense in a context where `autoescape` is
`off`.

--
Ticket URL: <https://code.djangoproject.com/ticket/34577>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

Django

unread,
May 18, 2023, 2:15:10 PM5/18/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
---------------------------------+------------------------------------

Reporter: Natalia Bidart | Owner: nobody
Type: New feature | Status: new
Component: Template system | Version: dev
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted

Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+------------------------------------
Changes (by Mariusz Felisiak):

* stage: Unreviewed => Accepted


--
Ticket URL: <https://code.djangoproject.com/ticket/34577#comment:1>

Django

unread,
May 19, 2023, 5:10:23 AM5/19/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
---------------------------------+------------------------------------
Reporter: Natalia Bidart | Owner: nobody
Type: New feature | Status: new
Component: Template system | Version: dev
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0

---------------------------------+------------------------------------
Changes (by Mariusz Felisiak):

* easy: 0 => 1


--
Ticket URL: <https://code.djangoproject.com/ticket/34577#comment:2>

Django

unread,
May 19, 2023, 9:29:20 AM5/19/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
---------------------------------+------------------------------------
Reporter: Natalia Bidart | Owner: tuxo
Type: New feature | Status: assigned

Component: Template system | Version: dev
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
---------------------------------+------------------------------------
Changes (by tuxo):

* owner: nobody => tuxo
* status: new => assigned


--
Ticket URL: <https://code.djangoproject.com/ticket/34577#comment:3>

Django

unread,
May 19, 2023, 7:57:25 PM5/19/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
---------------------------------+------------------------------------
Reporter: Natalia Bidart | Owner: tuxo
Type: New feature | Status: assigned
Component: Template system | Version: dev
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0

Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
---------------------------------+------------------------------------
Changes (by tuxo):

* has_patch: 0 => 1


Comment:

[https://github.com/django/django/pull/16877 PR]

--
Ticket URL: <https://code.djangoproject.com/ticket/34577#comment:4>

Django

unread,
May 21, 2023, 11:31:08 PM5/21/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
-------------------------------------+-------------------------------------
Reporter: Natalia Bidart | Owner: Arthur
| Moreira

Type: New feature | Status: assigned
Component: Template system | Version: dev
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1

Easy pickings: 1 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak):

* needs_better_patch: 0 => 1


Comment:

Per David's comments.

--
Ticket URL: <https://code.djangoproject.com/ticket/34577#comment:5>

Django

unread,
May 22, 2023, 3:59:01 AM5/22/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
-------------------------------------+-------------------------------------
Reporter: Natalia Bidart | Owner: Arthur
| Moreira
Type: New feature | Status: assigned
Component: Template system | Version: dev
Severity: Normal | Resolution:
Keywords: | Triage Stage: Ready for
| checkin

Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0

Easy pickings: 1 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak):

* needs_better_patch: 1 => 0
* stage: Accepted => Ready for checkin


--
Ticket URL: <https://code.djangoproject.com/ticket/34577#comment:6>

Django

unread,
May 22, 2023, 4:51:00 AM5/22/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
-------------------------------------+-------------------------------------
Reporter: Natalia Bidart | Owner: Arthur
| Moreira
Type: New feature | Status: closed

Component: Template system | Version: dev
Severity: Normal | Resolution: fixed

Keywords: | Triage Stage: Ready for
| checkin
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak <felisiak.mariusz@…>):

* status: assigned => closed
* resolution: => fixed


Comment:

In [changeset:"061a8a1bd818ca2c8a6493f33cae2379e34e181f" 061a8a1b]:
{{{
#!CommitTicketReference repository=""
revision="061a8a1bd818ca2c8a6493f33cae2379e34e181f"
Fixed #34577 -- Added escapeseq template filter.
}}}

--
Ticket URL: <https://code.djangoproject.com/ticket/34577#comment:7>

Django

unread,
May 26, 2023, 1:49:38 AM5/26/23
to django-...@googlegroups.com
#34577: New template filter `escapeseq`
-------------------------------------+-------------------------------------
Reporter: Natalia Bidart | Owner: Arthur
| Moreira
Type: New feature | Status: closed
Component: Template system | Version: dev
Severity: Normal | Resolution: fixed
Keywords: | Triage Stage: Ready for
| checkin
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------------+-------------------------------------

Comment (by Mariusz Felisiak <felisiak.mariusz@…>):

In [changeset:"881cc139e2d53cc1d3ccea7f38faa960f9e56597" 881cc13]:
{{{
#!CommitTicketReference repository=""
revision="881cc139e2d53cc1d3ccea7f38faa960f9e56597"
Refs #34574, Refs #34577 -- Mentioned escapeseq filter in
escape/autoescape docs.
}}}

--
Ticket URL: <https://code.djangoproject.com/ticket/34577#comment:8>

Reply all
Reply to author
Forward
0 new messages