workflows: do not use django templating by default in workflows (#21317)
This commit is contained in:
parent
337f0a476c
commit
f97734c48b
|
@ -162,6 +162,13 @@ def test_variable_compute(pub):
|
|||
# django wins
|
||||
assert item.compute('{{ form_var_foo }} [bar]', context={'bar': 'world'}) == 'hello [bar]'
|
||||
|
||||
# django template, no escaping by default
|
||||
formdata.data = {'1': '<b>hello</b>'}
|
||||
formdata.store()
|
||||
assert item.compute('{{ form_var_foo }}') == '<b>hello</b>' # autoescape off by default
|
||||
assert item.compute('{{ form_var_foo|safe }}') == '<b>hello</b>' # no escaping (implicit |safe)
|
||||
assert item.compute('{{ form_var_foo|escape }}') == '<b>hello</b>' #escaping
|
||||
|
||||
def test_variable_compute_dates(pub):
|
||||
FormDef.wipe()
|
||||
formdef = FormDef()
|
||||
|
|
|
@ -1632,7 +1632,7 @@ class WorkflowStatusItem(XmlSerialisable):
|
|||
|
||||
if not var.startswith('='):
|
||||
try:
|
||||
return Template(var, raises=raises).render(vars)
|
||||
return Template(var, raises=raises, autoescape=False).render(vars)
|
||||
except TemplateError:
|
||||
if raises:
|
||||
raise
|
||||
|
|
Loading…
Reference in New Issue