Summary

Escape field values in datagrid cells.

Review Request #4331 — Created July 15, 2013 and submitted July 20, 2013, 10:51 p.m.

Information

Owner

chipx86

Repository

Djblets

Branch

master

Bugs

Depends On

Reviewers

Groups

djblets

People

Description

Escape field values in datagrid cells.

Datagrid cells would pull data from a model and render it as-is. This
could lead to issues when using certain characters. We now escape
everything coming from the database.

If a custom renderer is provided, it's still expected that it returns
valid, safe HTML.

Testing Done

Added some HTML to a field and viewed it. Saw that the HTML was
shown escaped.

Expand All
Collapse All

This is a review from Review Bot.
  Tool: PEP8 Style Checker
  Processed Files:
    djblets/datagrid/grids.py
  Ignored Files:

This is a review from Review Bot.
  Tool: Pyflakes
  Processed Files:
    djblets/datagrid/grids.py
  Ignored Files:

Ship it!

```
Ship It!
```

Status: Closed (submitted)

Change Summary:

Pushed to release-0.6.x (84d3f00) and master (26d36f6)