encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-11-23 10:03:57 +03:00
Code Issues Packages Projects Releases Wiki Activity

Log in and log out require escape and mark_safe

Browse Source
This commit is contained in:
Tom Christie 2015-08-28 10:27:49 +01:00
parent 24a2c3f5c3
commit a5ddd90df0
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
rest_framework/templatetags/rest_framework.py
View File

@ -41,8 +41,9 @@ def optional_login(request):
except NoReverseMatch: except NoReverseMatch:
return '' return ''
snippet = "<li><a href='{href}?next={next}'>Log in</a></li>".format(href=login_url, next=escape(request.path)) snippet = "<li><a href='{href}?next={next}'>Log in</a></li>"
return snippet snippet = snippet.format(href=login_url, next=escape(request.path))
return mark_safe(snippet)
@register.simple_tag @register.simple_tag
@ -64,8 +65,8 @@ def optional_logout(request, user):
<li><a href='{href}?next={next}'>Log out</a></li> <li><a href='{href}?next={next}'>Log out</a></li>
</ul> </ul>
</li>""" </li>"""
snippet = snippet.format(user=escape(user), href=logout_url, next=escape(request.path))
return snippet.format(user=user, href=logout_url, next=escape(request.path)) return mark_safe(snippet)
@register.simple_tag @register.simple_tag