noone said "forbid nothing". i said "you don't need to forbid all '<'s",
which is what you proposed was a problem with a data validation take.
you would obviously forbid html in an HTMLSafeCharField, which does limit
user's input. i'm just saying that in the vast, vast, vast majority of
form in
not true. no browser interprets a single "<" as a tag unless it has a
valid tag name (and company) and closing ">" directly after it. only the
most rudimentary implementations would blindly strip "<"s without looking
at their context.
(and they would be wrong anyway - consider )
> Derek Hoy w
> I'm not keen on escaping being controlled by the model - escaping
> should be a template-level decision as that's when you decide what
> format is being output (plain text email / HTML / XML / LaTeX for PDF
> conversion etc).
>
> I played around with some proof of concepts over the weekend and I
To better detail the "in the model" idea:
An additional field type would be added, extending CharField, called say
"HTMLSafeField". It would strip/escape/convert/reject invalid strings
both when being set and when being read. Otherwise it would behave just
like a CharField.
The key is not to t
> On 6/2/06, Nicola Larosa (tekNico) <[EMAIL PROTECTED]> wrote:
>> Ilias Lazaridis is a known Internet troll.
>>
>> http://www.encyclopediadramatica.com/index.php/Ilias
>>
>> Let's stop feeding him/her/it, it's just a waste of time.
>
> Nice catch!
>
> Adrian
yes, danke. :)
-- derek
--~--~---
regarding how a developer would interact with any schema evolution
implementation...would you prefer / see as more natural:
1) a commandline util only (via manage.py)
2) a web-based UI only (via the admin screens)
3) both
(remember that we're likely talking about a multi-step upgrade
>> This is actually one of the accepted Summer of Code projects for
>> Django, so the best answer is perhaps to way until the end of the
>> summer to see what happens with it.
>
> I cannot wait so long and additionally I sense several problems for the
> SoC project:
>
> http://case.lazaridis.com/m
hey all,
i'm derek, one of the SoC selectees. just
thought i'd pop my head in and say hi. :)
-- derek anderson
http://kered.org/
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post t
