Skip to content

Commit

Permalink
Mark cleaned data as template safe
Browse files Browse the repository at this point in the history
  • Loading branch information
Mark Gregson committed Sep 9, 2021
1 parent 42e92f6 commit 0e42171
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 2 deletions.
7 changes: 5 additions & 2 deletions django_bleach/forms.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
from django.core.exceptions import ImproperlyConfigured

from django.conf import settings
from django.utils.safestring import mark_safe
from importlib import import_module

from django_bleach.utils import get_bleach_default_options
Expand Down Expand Up @@ -67,8 +68,10 @@ def __init__(self, allowed_tags=None, allowed_attributes=None,

def to_python(self, value):
"""
Strips any dodgy HTML tags from the input
Strips any dodgy HTML tags from the input.
Mark the return value as template safe.
"""
if value in self.empty_values:
return value
return bleach.clean(value, **self.bleach_options)
return mark_safe(bleach.clean(value, **self.bleach_options))
7 changes: 7 additions & 0 deletions django_bleach/tests/test_forms.py
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
# -*- coding: utf-8 -*-
from django.test import TestCase
from django.utils.safestring import SafeString
from mock import patch

from django_bleach.forms import BleachField
from testproject.forms import BleachForm


Expand All @@ -16,6 +18,11 @@ def test_empty(self):
self.assertEqual(form.fields['no_tags'].to_python([]), [])
self.assertEqual(form.fields['no_tags'].to_python({}), {})

def test_return_type(self):
""" Test bleached values are SafeString objects """
field = BleachField()
self.assertIsInstance(field.to_python("some text"), SafeString)

def test_bleaching(self):
""" Test values are bleached """
test_data = {
Expand Down

0 comments on commit 0e42171

Please sign in to comment.