MarkupSafe


NameMarkupSafe JSON
Version 1.0 PyPI version JSON
download
home_pagehttp://github.com/pallets/markupsafe
SummaryImplements a XML/HTML/XHTML Markup safe string for Python
upload_time2017-03-07 15:32:13
maintainerNone
docs_urlNone
authorArmin Ronacher
requires_pythonNone
licenseBSD
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI
coveralls test coverage
            MarkupSafe
==========

Implements a unicode subclass that supports HTML strings:

.. code-block:: python

    >>> from markupsafe import Markup, escape
    >>> escape("<script>alert(document.cookie);</script>")
    Markup(u'&lt;script&gt;alert(document.cookie);&lt;/script&gt;')
    >>> tmpl = Markup("<em>%s</em>")
    >>> tmpl % "Peter > Lustig"
    Markup(u'<em>Peter &gt; Lustig</em>')

If you want to make an object unicode that is not yet unicode
but don't want to lose the taint information, you can use the
``soft_unicode`` function.  (On Python 3 you can also use ``soft_str`` which
is a different name for the same function).

.. code-block:: python

    >>> from markupsafe import soft_unicode
    >>> soft_unicode(42)
    u'42'
    >>> soft_unicode(Markup('foo'))
    Markup(u'foo')

HTML Representations
--------------------

Objects can customize their HTML markup equivalent by overriding
the ``__html__`` function:

.. code-block:: python

    >>> class Foo(object):
    ...  def __html__(self):
    ...   return '<strong>Nice</strong>'
    ...
    >>> escape(Foo())
    Markup(u'<strong>Nice</strong>')
    >>> Markup(Foo())
    Markup(u'<strong>Nice</strong>')

Silent Escapes
--------------

Since MarkupSafe 0.10 there is now also a separate escape function
called ``escape_silent`` that returns an empty string for ``None`` for
consistency with other systems that return empty strings for ``None``
when escaping (for instance Pylons' webhelpers).

If you also want to use this for the escape method of the Markup
object, you can create your own subclass that does that:

.. code-block:: python

    from markupsafe import Markup, escape_silent as escape

    class SilentMarkup(Markup):
        __slots__ = ()

        @classmethod
        def escape(cls, s):
            return cls(escape(s))

New-Style String Formatting
---------------------------

Starting with MarkupSafe 0.21 new style string formats from Python 2.6 and
3.x are now fully supported.  Previously the escape behavior of those
functions was spotty at best.  The new implementations operates under the
following algorithm:

1.  if an object has an ``__html_format__`` method it is called as
    replacement for ``__format__`` with the format specifier.  It either
    has to return a string or markup object.
2.  if an object has an ``__html__`` method it is called.
3.  otherwise the default format system of Python kicks in and the result
    is HTML escaped.

Here is how you can implement your own formatting:

.. code-block:: python

    class User(object):

        def __init__(self, id, username):
            self.id = id
            self.username = username

        def __html_format__(self, format_spec):
            if format_spec == 'link':
                return Markup('<a href="/user/{0}">{1}</a>').format(
                    self.id,
                    self.__html__(),
                )
            elif format_spec:
                raise ValueError('Invalid format spec')
            return self.__html__()

        def __html__(self):
            return Markup('<span class=user>{0}</span>').format(self.username)

And to format that user:

.. code-block:: python

    >>> user = User(1, 'foo')
    >>> Markup('<p>User: {0:link}').format(user)
    Markup(u'<p>User: <a href="/user/1"><span class=user>foo</span></a>')

Markupsafe supports Python 2.6, 2.7 and Python 3.3 and higher.
            

Raw data

            {
    "maintainer": null, 
    "docs_url": null, 
    "requires_python": null, 
    "maintainer_email": null, 
    "cheesecake_code_kwalitee_id": null, 
    "keywords": null, 
    "upload_time": "2017-03-07 15:32:13", 
    "author": "Armin Ronacher", 
    "home_page": "http://github.com/pallets/markupsafe", 
    "github_user": "pallets", 
    "download_url": "https://pypi.python.org/packages/4d/de/32d741db316d8fdb7680822dd37001ef7a448255de9699ab4bfcbdf4172b/MarkupSafe-1.0.tar.gz", 
    "platform": "UNKNOWN", 
    "version": "1.0", 
    "cheesecake_documentation_id": null, 
    "description": "MarkupSafe\n==========\n\nImplements a unicode subclass that supports HTML strings:\n\n.. code-block:: python\n\n    >>> from markupsafe import Markup, escape\n    >>> escape(\"<script>alert(document.cookie);</script>\")\n    Markup(u'&lt;script&gt;alert(document.cookie);&lt;/script&gt;')\n    >>> tmpl = Markup(\"<em>%s</em>\")\n    >>> tmpl % \"Peter > Lustig\"\n    Markup(u'<em>Peter &gt; Lustig</em>')\n\nIf you want to make an object unicode that is not yet unicode\nbut don't want to lose the taint information, you can use the\n``soft_unicode`` function.  (On Python 3 you can also use ``soft_str`` which\nis a different name for the same function).\n\n.. code-block:: python\n\n    >>> from markupsafe import soft_unicode\n    >>> soft_unicode(42)\n    u'42'\n    >>> soft_unicode(Markup('foo'))\n    Markup(u'foo')\n\nHTML Representations\n--------------------\n\nObjects can customize their HTML markup equivalent by overriding\nthe ``__html__`` function:\n\n.. code-block:: python\n\n    >>> class Foo(object):\n    ...  def __html__(self):\n    ...   return '<strong>Nice</strong>'\n    ...\n    >>> escape(Foo())\n    Markup(u'<strong>Nice</strong>')\n    >>> Markup(Foo())\n    Markup(u'<strong>Nice</strong>')\n\nSilent Escapes\n--------------\n\nSince MarkupSafe 0.10 there is now also a separate escape function\ncalled ``escape_silent`` that returns an empty string for ``None`` for\nconsistency with other systems that return empty strings for ``None``\nwhen escaping (for instance Pylons' webhelpers).\n\nIf you also want to use this for the escape method of the Markup\nobject, you can create your own subclass that does that:\n\n.. code-block:: python\n\n    from markupsafe import Markup, escape_silent as escape\n\n    class SilentMarkup(Markup):\n        __slots__ = ()\n\n        @classmethod\n        def escape(cls, s):\n            return cls(escape(s))\n\nNew-Style String Formatting\n---------------------------\n\nStarting with MarkupSafe 0.21 new style string formats from Python 2.6 and\n3.x are now fully supported.  Previously the escape behavior of those\nfunctions was spotty at best.  The new implementations operates under the\nfollowing algorithm:\n\n1.  if an object has an ``__html_format__`` method it is called as\n    replacement for ``__format__`` with the format specifier.  It either\n    has to return a string or markup object.\n2.  if an object has an ``__html__`` method it is called.\n3.  otherwise the default format system of Python kicks in and the result\n    is HTML escaped.\n\nHere is how you can implement your own formatting:\n\n.. code-block:: python\n\n    class User(object):\n\n        def __init__(self, id, username):\n            self.id = id\n            self.username = username\n\n        def __html_format__(self, format_spec):\n            if format_spec == 'link':\n                return Markup('<a href=\"/user/{0}\">{1}</a>').format(\n                    self.id,\n                    self.__html__(),\n                )\n            elif format_spec:\n                raise ValueError('Invalid format spec')\n            return self.__html__()\n\n        def __html__(self):\n            return Markup('<span class=user>{0}</span>').format(self.username)\n\nAnd to format that user:\n\n.. code-block:: python\n\n    >>> user = User(1, 'foo')\n    >>> Markup('<p>User: {0:link}').format(user)\n    Markup(u'<p>User: <a href=\"/user/1\"><span class=user>foo</span></a>')\n\nMarkupsafe supports Python 2.6, 2.7 and Python 3.3 and higher.", 
    "tox": true, 
    "lcname": "markupsafe", 
    "bugtrack_url": null, 
    "github": true, 
    "coveralls": true, 
    "name": "MarkupSafe", 
    "license": "BSD", 
    "travis_ci": true, 
    "github_project": "markupsafe", 
    "summary": "Implements a XML/HTML/XHTML Markup safe string for Python", 
    "split_keywords": [], 
    "author_email": "armin.ronacher@active-4.com", 
    "urls": [
        {
            "has_sig": false, 
            "upload_time": "2017-03-07T15:32:13", 
            "comment_text": "", 
            "python_version": "source", 
            "url": "https://pypi.python.org/packages/4d/de/32d741db316d8fdb7680822dd37001ef7a448255de9699ab4bfcbdf4172b/MarkupSafe-1.0.tar.gz", 
            "md5_digest": "2fcedc9284d50e577b5192e8e3578355", 
            "downloads": 0, 
            "filename": "MarkupSafe-1.0.tar.gz", 
            "packagetype": "sdist", 
            "path": "4d/de/32d741db316d8fdb7680822dd37001ef7a448255de9699ab4bfcbdf4172b/MarkupSafe-1.0.tar.gz", 
            "size": 14356
        }
    ], 
    "_id": null, 
    "cheesecake_installability_id": null
}