Skip to content

Commit

Permalink
Django 5 enforces URL marked as safe in admin model
Browse files Browse the repository at this point in the history
  • Loading branch information
@oliche
oliche committed Jan 16, 2024
1 parent fd33497 commit 17e4c9e
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 4 deletions.
1 change: 1 addition & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ notes.txt
build
*venv
.idea/*
.cache/
alyx/alyx_full.sql.gz
.vscode/
alyx/data/management/commands/*ibl*
Expand Down
9 changes: 5 additions & 4 deletions alyx/misc/admin.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
from django.contrib.contenttypes.admin import GenericTabularInline
from django.contrib.postgres.fields import JSONField
from django.utils.html import format_html, format_html_join
from django.utils.safestring import mark_safe

from misc.models import Note, Lab, LabMembership, LabLocation, CageType, \
Enrichment, Food, Housing, HousingSubject
Expand Down Expand Up @@ -80,16 +81,16 @@ class LabLocationAdmin(BaseAdmin):


class AdminImageWidget(AdminFileWidget):

def render(self, name, value, attrs=None, renderer=None):
output = []
if value and getattr(value, "url", None):
image_url = value.url
file_name = str(value)
output.append(('<a href="%s" target="_blank">'
'<img src="%s" width="400" alt="%s" /></a><br>') %
(image_url, image_url, file_name))
output.append(f'<a href="{image_url}" target="_blank">'
f'<img src="{image_url}" width="400" alt="{file_name}" /></a><br>')
output.append(super(AdminFileWidget, self).render(name, value, attrs, renderer))
return ''.join(output)
return mark_safe(''.join(output))


class ImageWidgetAdmin(BaseAdmin):
Expand Down

0 comments on commit 17e4c9e

Please sign in to comment.