diff --git a/CHANGES b/CHANGES index c7d78b917..2884ef9ee 100644 --- a/CHANGES +++ b/CHANGES @@ -41,6 +41,18 @@ Version 2.10 .. _#685: https://github.com/pallets/jinja/pull/685 .. _#692: https://github.com/pallets/jinja/pull/692 +Version 2.9.7 +------------- + +(bugfix release, in development) + +- ``tojson`` filter marks output as safe to match documented behavior. + (`#718`_) +- Resolved a bug where getting debug locals for tracebacks could + modify template context. + +.. _#718: https://github.com/pallets/jinja/pull/718 + Version 2.9.6 ------------- (bugfix release, released on April 3rd 2017) diff --git a/jinja2/debug.py b/jinja2/debug.py index 07c21f1a8..b61139f0c 100644 --- a/jinja2/debug.py +++ b/jinja2/debug.py @@ -198,7 +198,7 @@ def translate_exception(exc_info, initial_skip=0): def get_jinja_locals(real_locals): ctx = real_locals.get('context') if ctx: - locals = ctx.get_all() + locals = ctx.get_all().copy() else: locals = {} diff --git a/jinja2/utils.py b/jinja2/utils.py index 133eac084..502a311c0 100644 --- a/jinja2/utils.py +++ b/jinja2/utils.py @@ -567,7 +567,7 @@ def htmlsafe_json_dumps(obj, dumper=None, **kwargs): .replace(u'>', u'\\u003e') \ .replace(u'&', u'\\u0026') \ .replace(u"'", u'\\u0027') - return rv + return Markup(rv) @implements_iterator diff --git a/tests/test_filters.py b/tests/test_filters.py index f323f761f..8962ced30 100644 --- a/tests/test_filters.py +++ b/tests/test_filters.py @@ -640,8 +640,9 @@ def __init__(self, id, name): def test_json_dump(self): env = Environment(autoescape=True) t = env.from_string('{{ x|tojson }}') - assert t.render(x={'foo': 'bar'}) == '{"foo": "bar"}' - assert t.render(x='"bar\'') == r'"\"bar\u0027"' + assert t.render(x={'foo': 'bar'}) == '{"foo": "bar"}' + assert t.render(x='"ba&r\'') == r'"\"ba\u0026r\u0027"' + assert t.render(x='') == r'"\u003cbar\u003e"' def my_dumps(value, **options): assert options == {'foo': 'bar'}