Some render_column() output should be marked as safestring

Issue #66 wontfix
Ryan Lie created an issue

In particular, the get_absolute_url() in here should be:

if value and hasattr(obj, 'get_absolute_url'):
    return format_html('<a href="{}">{}</a>', obj.get_absolute_url(), value)

This can be useful for JSON APIs that contain fragments of HTML strings as we could then pass the output of render_column() to django.utils.html.conditional_escape().
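An added example (not code from the issue or from django-datatables-view) showing why the SafeString marking matters once every cell is passed through conditional_escape(): the unmarked link is escaped wholesale, while the format_html() link survives with only its interpolated value escaped. `Row`, `render_plain`, `render_safe` and `to_json` are hypothetical names, and the fallback stand-ins are an assumption used only when Django is not installed.

```python
import json

try:  # Django's real helpers
    from django.utils.html import conditional_escape, format_html
    from django.utils.safestring import SafeString
except ImportError:  # stand-ins with the same escaping rules (assumption)
    import html

    class SafeString(str):
        def __html__(self):
            return self

    def conditional_escape(text):
        if hasattr(text, "__html__"):
            return text.__html__()
        return SafeString(html.escape(str(text)))

    def format_html(fmt, *args):
        return SafeString(fmt.format(*map(conditional_escape, args)))


class Row:  # constructed sample object, not a real model
    def __init__(self, pk, name):
        self.pk, self.name = pk, name

    def get_absolute_url(self):
        return "/items/%d/" % self.pk


def render_plain(obj):
    """Link built by string formatting: an ordinary str, nothing escaped."""
    return '<a href="%s">%s</a>' % (obj.get_absolute_url(), obj.name)


def render_safe(obj):
    """Link built as the issue proposes: value escaped, result SafeString."""
    return format_html('<a href="{}">{}</a>', obj.get_absolute_url(), obj.name)


def to_json(cells):
    """Serialize cells, escaping everything not already marked safe."""
    return json.dumps([str(conditional_escape(c)) for c in cells])


row = Row(7, "<script>alert(1)</script>")  # constructed hostile value
plain_cell = to_json([render_plain(row)])  # whole anchor escaped: link lost
safe_cell = to_json([render_safe(row), row.name])  # link kept, values escaped
```
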

Comments (4)

  1. Jorge F. Guerra Piñeiro

    @Maciej Wisniowski
    This broke support for tildes in Python 2.7.
    When value has an ñ you get a UnicodeEncodeError

  2. Maciej Wisniowski repo owner

    Right, it breaks things on Python 2 due to Unicode issues. Sorry to say that, but given that we now have Django 3, that since Django 2.2 Python 2 is not supported, and that Python 2.7 reaches its end of life soon, I'll mark this as wontfix. It is better to switch to a newer Django and Python or stick with some older version of django-datatables-view.

  3. Jorge F. Guerra Piñeiro

    Completely agreed. I like the solution. I guess that making the comment might help someone later on. And yes, I’m using an older version for a project that needs to be ported soon.

    Maybe consider removing Python 2 compatibility?
