Fixed #8566 -- Allow safe-strings in the "attrs" parameter to form widgets.

malcolmt · malcolmt · commit 1fc8f84f58d5 · 2008-08-26T21:32:17.000Z
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8601 bcc190cf-cafb-0310-a4f2-bffc1f526a37
diff --git a/django/forms/util.py b/django/forms/util.py
@@ -1,4 +1,4 @@
-from django.utils.html import escape
+from django.utils.html import conditional_escape
 from django.utils.encoding import smart_unicode, StrAndUnicode, force_unicode
 from django.utils.safestring import mark_safe
 
@@ -9,7 +9,7 @@ def flatatt(attrs):
     XML-style pairs.  It is assumed that the keys do not need to be XML-escaped.
     If the passed dictionary is empty, then return an empty string.
     """
-    return u''.join([u' %s="%s"' % (k, escape(v)) for k, v in attrs.items()])
+    return u''.join([u' %s="%s"' % (k, conditional_escape(v)) for k, v in attrs.items()])
 
 class ErrorDict(dict, StrAndUnicode):
     """
diff --git a/django/utils/translation/trans_real.py b/django/utils/translation/trans_real.py
@@ -403,6 +403,7 @@ def get_date_formats():
     date_format = ugettext('DATE_FORMAT')
     datetime_format = ugettext('DATETIME_FORMAT')
     time_format = ugettext('TIME_FORMAT')
+    datetime_full_format = ugettext('DATE_WITH_TIME_FULL')
     if date_format == 'DATE_FORMAT':
         date_format = settings.DATE_FORMAT
     if datetime_format == 'DATETIME_FORMAT':
diff --git a/tests/regressiontests/forms/widgets.py b/tests/regressiontests/forms/widgets.py
@@ -50,6 +50,11 @@
 >>> w.render('email', '', attrs={'class': 'special'})
 u'<input type="text" class="special" name="email" />'
 
+'attrs' can be safe-strings if needed
+>>> w = TextInput(attrs={'onBlur': mark_safe("function('foo')")})
+>>> print w.render('email', '')
+<input onBlur="function('foo')" type="text" name="email" />
+
 # PasswordInput Widget ############################################################
 
 >>> w = PasswordInput()
