← Back to branch summary

~ubuntu-branches/ubuntu/quantal/python-django/quantal-security

~ubuntu-branches/ubuntu/quantal/python-django/quantal-security

« back to all changes in this revision

Viewing changes to django/template/defaultfilters.py

Committer: Bazaar Package Importer
Author(s): Jamie Strandboge
Date: 2010-10-12 11:34:35 UTC
mfrom: (4.4.9 sid)
mto: This revision was merged to the branch mainline in revision 30.
Revision ID: james.westby@ubuntu.com-20101012113435-5rk3p18nyanuhj6g

* SECURITY UPDATE: XSS in CSRF protections. New upstream release
  - CVE-2010-3082
* debian/patches/01_disable_url_verify_regression_tests.diff:
  - updated to disable another test that fails without internet connection
  - patch based on work by Kai Kasurinen and Krzysztof Klimonda
* debian/control: don't Build-Depends on locales-all, which doesn't exist
  in maverick

files added:
.pc/01_disable_url_verify_regression_tests.diff/tests/modeltests

.pc/01_disable_url_verify_regression_tests.diff/tests/modeltests/validation

.pc/01_disable_url_verify_regression_tests.diff/tests/modeltests/validation/tests.py

.pc/05_fix_regression_tests.diff

.pc/05_fix_regression_tests.diff/tests

.pc/05_fix_regression_tests.diff/tests/regressiontests

.pc/05_fix_regression_tests.diff/tests/regressiontests/admin_views

.pc/05_fix_regression_tests.diff/tests/regressiontests/admin_views/tests.py

.pc/06_fix_regression_tests.diff

.pc/06_fix_regression_tests.diff/tests

.pc/06_fix_regression_tests.diff/tests/regressiontests

.pc/06_fix_regression_tests.diff/tests/regressiontests/admin_views

.pc/06_fix_regression_tests.diff/tests/regressiontests/admin_views/tests.py

debian/patches/05_fix_regression_tests.diff

debian/patches/06_fix_regression_tests.diff

django/conf/locale/ml

django/conf/locale/ml/LC_MESSAGES

django/conf/locale/ml/LC_MESSAGES/django.mo

django/conf/locale/ml/LC_MESSAGES/django.po

django/conf/locale/ml/LC_MESSAGES/djangojs.mo

django/conf/locale/ml/LC_MESSAGES/djangojs.po

django/conf/locale/ml/__init__.py

django/conf/locale/ml/formats.py

django/contrib/flatpages/fixtures

django/contrib/flatpages/fixtures/sample_flatpages.json

django/contrib/flatpages/tests

django/contrib/flatpages/tests/__init__.py

django/contrib/flatpages/tests/csrf.py

django/contrib/flatpages/tests/middleware.py

django/contrib/flatpages/tests/templates

django/contrib/flatpages/tests/templates/404.html

django/contrib/flatpages/tests/templates/flatpages

django/contrib/flatpages/tests/templates/flatpages/default.html

django/contrib/flatpages/tests/templates/registration

django/contrib/flatpages/tests/templates/registration/login.html

django/contrib/flatpages/tests/urls.py

django/contrib/flatpages/tests/views.py

django/contrib/sitemaps/models.py

django/contrib/sitemaps/tests

django/contrib/sitemaps/tests/__init__.py

django/contrib/sitemaps/tests/basic.py

django/contrib/sitemaps/tests/urls.py

docs/_theme

docs/_theme/djangodocs

docs/_theme/djangodocs/genindex.html

docs/_theme/djangodocs/layout.html

docs/_theme/djangodocs/modindex.html

docs/_theme/djangodocs/search.html

docs/_theme/djangodocs/static

docs/_theme/djangodocs/static/default.css

docs/_theme/djangodocs/static/djangodocs.css

docs/_theme/djangodocs/static/docicons-behindscenes.png

docs/_theme/djangodocs/static/docicons-note.png

docs/_theme/djangodocs/static/docicons-philosophy.png

docs/_theme/djangodocs/static/homepage.css

docs/_theme/djangodocs/static/reset-fonts-grids.css

docs/_theme/djangodocs/theme.conf

docs/ref/contrib/markup.txt

tests/modeltests/aggregation/tests.py

tests/modeltests/choices/tests.py

tests/modeltests/fixtures/tests.py

tests/modeltests/fixtures_model_package/tests.py

tests/regressiontests/forms/input_formats.py

tests/regressiontests/localflavor/us

tests/regressiontests/localflavor/us/__init__.py

tests/regressiontests/localflavor/us/forms.py

tests/regressiontests/localflavor/us/models.py

tests/regressiontests/localflavor/us/tests.py

tests/regressiontests/m2m_through_regress/tests.py

tests/regressiontests/multiple_database/fixtures/pets.json

files removed:
debian/test_settings.py

docs/_static

docs/_static/default.css

docs/_static/djangodocs.css

docs/_static/docicons-behindscenes.png

docs/_static/docicons-note.png

docs/_static/docicons-philosophy.png

docs/_static/homepage.css

docs/_static/reset-fonts-grids.css

docs/_templates

docs/_templates/genindex.html

docs/_templates/layout.html

docs/_templates/modindex.html

docs/_templates/search.html

tests/regressiontests/localflavor/forms.py

files modified:
.pc/01_disable_url_verify_regression_tests.diff/tests/regressiontests/forms/fields.py

.pc/applied-patches

AUTHORS

MANIFEST.in

PKG-INFO

debian/changelog

debian/control

debian/patches/01_disable_url_verify_regression_tests.diff

debian/patches/series

debian/rules

django/__init__.py

django/conf/global_settings.py

django/conf/locale/cs/LC_MESSAGES/django.mo

django/conf/locale/cs/LC_MESSAGES/django.po

django/conf/locale/cs/LC_MESSAGES/djangojs.mo

django/conf/locale/cs/LC_MESSAGES/djangojs.po

django/conf/locale/da/LC_MESSAGES/djangojs.mo

django/conf/locale/da/LC_MESSAGES/djangojs.po

django/conf/locale/de/LC_MESSAGES/django.mo

django/conf/locale/de/LC_MESSAGES/django.po

django/conf/locale/es_AR/LC_MESSAGES/django.mo

django/conf/locale/es_AR/LC_MESSAGES/django.po

django/conf/locale/es_AR/LC_MESSAGES/djangojs.mo

django/conf/locale/es_AR/LC_MESSAGES/djangojs.po

django/conf/locale/fr/LC_MESSAGES/django.mo

django/conf/locale/fr/LC_MESSAGES/django.po

django/conf/locale/pl/formats.py

django/conf/locale/sr/LC_MESSAGES/django.mo

django/conf/locale/sr/LC_MESSAGES/django.po

django/conf/locale/sr/LC_MESSAGES/djangojs.mo

django/conf/locale/sr/LC_MESSAGES/djangojs.po

django/conf/locale/sr/formats.py

django/conf/locale/sr_Latn/LC_MESSAGES/django.mo

django/conf/locale/sr_Latn/LC_MESSAGES/django.po

django/conf/locale/sr_Latn/formats.py

django/conf/project_template/settings.py

django/conf/project_template/urls.py

django/contrib/admin/media/css/base.css

django/contrib/admin/media/css/changelists.css

django/contrib/admin/options.py

django/contrib/admin/templates/admin/auth/user/add_form.html

django/contrib/admin/templates/admin/base.html

django/contrib/admin/templates/admin/change_list_results.html

django/contrib/admin/templatetags/admin_list.py

django/contrib/admindocs/templates/admin_doc/template_filter_index.html

django/contrib/admindocs/templates/admin_doc/template_tag_index.html

django/contrib/admindocs/views.py

django/contrib/auth/forms.py

django/contrib/auth/tests/__init__.py

django/contrib/auth/tests/forms.py

django/contrib/flatpages/views.py

django/contrib/formtools/wizard.py

django/contrib/gis/db/backends/mysql/creation.py

django/contrib/gis/db/backends/spatialite/base.py

django/contrib/gis/db/models/sql/compiler.py

django/contrib/gis/gdal/libgdal.py

django/contrib/gis/tests/relatedapp/models.py

django/contrib/gis/tests/relatedapp/tests.py

django/contrib/localflavor/in_/in_states.py

django/contrib/markup/tests.py

django/contrib/sitemaps/__init__.py

django/core/cache/backends/db.py

django/core/cache/backends/filebased.py

django/core/files/images.py

django/core/handlers/base.py

django/core/management/__init__.py

django/core/management/base.py

django/core/management/commands/dumpdata.py

django/core/management/commands/flush.py

django/core/management/commands/loaddata.py

django/core/urlresolvers.py

django/db/__init__.py

django/db/backends/__init__.py

django/db/backends/creation.py

django/db/backends/mysql/base.py

django/db/backends/mysql/client.py

django/db/backends/oracle/base.py

django/db/backends/postgresql/base.py

django/db/backends/postgresql/creation.py

django/db/backends/postgresql_psycopg2/base.py

django/db/backends/signals.py

django/db/backends/sqlite3/base.py

django/db/models/base.py

django/db/models/fields/__init__.py

django/db/models/fields/related.py

django/db/models/sql/query.py

django/forms/fields.py

django/forms/forms.py

django/forms/models.py

django/forms/widgets.py

django/http/__init__.py

django/middleware/csrf.py

django/template/defaultfilters.py

django/template/defaulttags.py

django/test/__init__.py

django/test/client.py

django/test/testcases.py

django/test/utils.py

django/utils/datastructures.py

django/utils/hashcompat.py

django/utils/text.py

django/views/csrf.py

django/views/debug.py

docs/Makefile

docs/_ext/djangodocs.py

docs/conf.py

docs/faq/admin.txt

docs/faq/contributing.txt

docs/faq/general.txt

docs/faq/help.txt

docs/faq/index.txt

docs/faq/install.txt

docs/faq/models.txt

docs/faq/usage.txt

docs/glossary.txt

docs/howto/apache-auth.txt

docs/howto/auth-remote-user.txt

docs/howto/custom-file-storage.txt

docs/howto/custom-management-commands.txt

docs/howto/custom-model-fields.txt

docs/howto/custom-template-tags.txt

docs/howto/deployment/fastcgi.txt

docs/howto/deployment/index.txt

docs/howto/deployment/modpython.txt

docs/howto/deployment/modwsgi.txt

docs/howto/error-reporting.txt

docs/howto/i18n.txt

docs/howto/index.txt

docs/howto/initial-data.txt

docs/howto/jython.txt

docs/howto/legacy-databases.txt

docs/howto/outputting-csv.txt

docs/howto/outputting-pdf.txt

docs/howto/static-files.txt

docs/index.txt

docs/internals/committers.txt

docs/internals/contributing.txt

docs/internals/deprecation.txt

docs/internals/documentation.txt

docs/internals/index.txt

docs/internals/release-process.txt

docs/internals/svn.txt

docs/intro/index.txt

docs/intro/install.txt

docs/intro/overview.txt

docs/intro/tutorial01.txt

docs/intro/tutorial02.txt

docs/intro/tutorial03.txt

docs/intro/tutorial04.txt

docs/intro/whatsnext.txt

docs/misc/api-stability.txt

docs/misc/design-philosophies.txt

docs/misc/distributions.txt

docs/misc/index.txt

docs/obsolete/admin-css.txt

docs/obsolete/index.txt

docs/ref/authbackends.txt

docs/ref/contrib/admin/actions.txt

docs/ref/contrib/admin/index.txt

docs/ref/contrib/auth.txt

docs/ref/contrib/comments/custom.txt

docs/ref/contrib/comments/example.txt

docs/ref/contrib/comments/forms.txt

docs/ref/contrib/comments/index.txt

docs/ref/contrib/comments/models.txt

docs/ref/contrib/comments/moderation.txt

docs/ref/contrib/comments/settings.txt

docs/ref/contrib/comments/signals.txt

docs/ref/contrib/comments/upgrade.txt

docs/ref/contrib/contenttypes.txt

docs/ref/contrib/csrf.txt

docs/ref/contrib/databrowse.txt

docs/ref/contrib/flatpages.txt

docs/ref/contrib/formtools/form-preview.txt

docs/ref/contrib/formtools/form-wizard.txt

docs/ref/contrib/formtools/index.txt

docs/ref/contrib/gis/admin.txt

docs/ref/contrib/gis/commands.txt

docs/ref/contrib/gis/create_template_postgis-1.4.sh

docs/ref/contrib/gis/db-api.txt

docs/ref/contrib/gis/deployment.txt

docs/ref/contrib/gis/feeds.txt

docs/ref/contrib/gis/geoquerysets.txt

docs/ref/contrib/gis/install.txt

docs/ref/contrib/gis/layermapping.txt

docs/ref/contrib/gis/measure.txt

docs/ref/contrib/gis/model-api.txt

docs/ref/contrib/gis/testing.txt

docs/ref/contrib/gis/tutorial.txt

docs/ref/contrib/humanize.txt

docs/ref/contrib/index.txt

docs/ref/contrib/localflavor.txt

docs/ref/contrib/messages.txt

docs/ref/contrib/redirects.txt

docs/ref/contrib/sitemaps.txt

docs/ref/contrib/sites.txt

docs/ref/contrib/syndication.txt

docs/ref/contrib/webdesign.txt

docs/ref/databases.txt

docs/ref/django-admin.txt

docs/ref/exceptions.txt

docs/ref/files/file.txt

docs/ref/files/index.txt

docs/ref/files/storage.txt

docs/ref/forms/api.txt

docs/ref/forms/fields.txt

docs/ref/forms/index.txt

docs/ref/forms/validation.txt

docs/ref/forms/widgets.txt

docs/ref/generic-views.txt

docs/ref/index.txt

docs/ref/middleware.txt

docs/ref/models/fields.txt

docs/ref/models/index.txt

docs/ref/models/instances.txt

docs/ref/models/options.txt

docs/ref/models/querysets.txt

docs/ref/models/relations.txt

docs/ref/request-response.txt

docs/ref/settings.txt

docs/ref/signals.txt

docs/ref/templates/api.txt

docs/ref/templates/builtins.txt

docs/ref/templates/index.txt

docs/ref/unicode.txt

docs/ref/utils.txt

docs/ref/validators.txt

docs/releases/0.95.txt

docs/releases/0.96.txt

docs/releases/1.0-alpha-1.txt

docs/releases/1.0-alpha-2.txt

docs/releases/1.0-beta-2.txt

docs/releases/1.0-beta.txt

docs/releases/1.0-porting-guide.txt

docs/releases/1.0.1.txt

docs/releases/1.0.2.txt

docs/releases/1.0.txt

docs/releases/1.1-alpha-1.txt

docs/releases/1.1-beta-1.txt

docs/releases/1.1-rc-1.txt

docs/releases/1.1.2.txt

docs/releases/1.1.txt

docs/releases/1.2-alpha-1.txt

docs/releases/1.2-beta-1.txt

docs/releases/1.2-rc-1.txt

docs/releases/1.2.txt

docs/releases/index.txt

docs/topics/auth.txt

docs/topics/cache.txt

docs/topics/conditional-view-processing.txt

docs/topics/db/aggregation.txt

docs/topics/db/index.txt

docs/topics/db/managers.txt

docs/topics/db/models.txt

docs/topics/db/multi-db.txt

docs/topics/db/optimization.txt

docs/topics/db/queries.txt

docs/topics/db/sql.txt

docs/topics/db/transactions.txt

docs/topics/email.txt

docs/topics/files.txt

docs/topics/forms/formsets.txt

docs/topics/forms/index.txt

docs/topics/forms/media.txt

docs/topics/forms/modelforms.txt

docs/topics/generic-views.txt

docs/topics/http/file-uploads.txt

docs/topics/http/generic-views.txt

docs/topics/http/index.txt

docs/topics/http/middleware.txt

docs/topics/http/sessions.txt

docs/topics/http/shortcuts.txt

docs/topics/http/urls.txt

docs/topics/http/views.txt

docs/topics/i18n/deployment.txt

docs/topics/i18n/index.txt

docs/topics/i18n/internationalization.txt

docs/topics/i18n/localization.txt

docs/topics/index.txt

docs/topics/install.txt

docs/topics/pagination.txt

docs/topics/serialization.txt

docs/topics/settings.txt

docs/topics/signals.txt

docs/topics/templates.txt

docs/topics/testing.txt

setup.cfg

setup.py

tests/modeltests/aggregation/models.py

tests/modeltests/choices/models.py

tests/modeltests/fixtures/models.py

tests/modeltests/fixtures_model_package/models/__init__.py

tests/modeltests/model_forms/tests.py

tests/modeltests/proxy_model_inheritance/tests.py

tests/modeltests/test_client/models.py

tests/modeltests/validation/test_unique.py

tests/modeltests/validation/tests.py

tests/regressiontests/admin_changelist/tests.py

tests/regressiontests/admin_scripts/tests.py

tests/regressiontests/admin_views/models.py

tests/regressiontests/admin_views/tests.py

tests/regressiontests/aggregation_regress/models.py

tests/regressiontests/aggregation_regress/tests.py

tests/regressiontests/backends/tests.py

tests/regressiontests/cache/tests.py

tests/regressiontests/csrf_tests/tests.py

tests/regressiontests/file_storage/tests.py

tests/regressiontests/forms/fields.py

tests/regressiontests/forms/localflavor/au.py

tests/regressiontests/forms/models.py

tests/regressiontests/forms/tests.py

tests/regressiontests/httpwrappers/tests.py

tests/regressiontests/localflavor/models.py

tests/regressiontests/localflavor/tests.py

tests/regressiontests/m2m_through_regress/models.py

tests/regressiontests/model_forms_regress/models.py

tests/regressiontests/model_forms_regress/tests.py

tests/regressiontests/model_formsets_regress/tests.py

tests/regressiontests/multiple_database/tests.py

tests/regressiontests/serializers_regress/tests.py

tests/regressiontests/templates/filters.py

tests/regressiontests/templates/tests.py

tests/regressiontests/test_client_regress/models.py

tests/regressiontests/test_client_regress/urls.py

tests/regressiontests/test_client_regress/views.py

tests/regressiontests/urlpatterns_reverse/tests.py

tests/regressiontests/utils/timesince.py

tests/runtests.py

Show diffs side-by-side

added added

removed removed

django/template/defaultfilters.py

11

11

from django.template import Variable, Library

12

12

from django.conf import settings

13

13

from django.utils import formats

14

from django.utils.translation import ugettext, ungettext

15

14

from django.utils.encoding import force_unicode, iri_to_uri

15

from django.utils.html import conditional_escape

16

16

from django.utils.safestring import mark_safe, SafeData

17

from django.utils.translation import ugettext, ungettext

17

18

18

19

register = Library()

19

20

255

256

Truncates a string after a certain number of words.

256

257

257

258

Argument: Number of words to truncate after.

259

260

Newlines within the string are removed.

258

261

"""

259

262

from django.utils.text import truncate_words

260

263

try:

270

273

Truncates HTML after a certain number of words.

271

274

272

275

Argument: Number of words to truncate after.

276

277

Newlines in the HTML are preserved.

273

278

"""

274

279

from django.utils.text import truncate_html_words

275

280

try:

496

501

"""

497

502

value = map(force_unicode, value)

498

503

if autoescape:

499

from django.utils.html import conditional_escape

500

504

value = [conditional_escape(v) for v in value]

501

505

try:

502

data = arg.join(value)

506

data = conditional_escape(arg).join(value)

503

507

except AttributeError: # fail silently but nicely

504

508

return value

505

509

return mark_safe(data)

Older »