This document covers all stable modules in django.utils
. Most of the
modules in django.utils
are designed for internal use and only the
following parts can be considered stable and thus backwards compatible as per
the internal release deprecation policy.
django.utils.cache
¶This module contains helper functions for controlling caching. It does so by
managing the Vary
header of responses. It includes functions to patch the
header of response objects directly and decorators that change functions to do
that header-patching themselves.
For information on the Vary
header, see RFC 2616#section-14.44 section
14.44.
Essentially, the Vary
HTTP header defines which headers a cache should take
into account when building its cache key. Requests with the same path but
different header content for headers named in Vary
need to get different
cache keys to prevent delivery of wrong content.
For example, internationalization middleware would need
to distinguish caches by the Accept-language
header.
patch_cache_control
(response, **kwargs)¶This function patches the Cache-Control
header by adding all keyword
arguments to it. The transformation is as follows:
True
(exactly True
, not just a
true value), only the parameter name is added to the header.str()
to it.get_max_age
(response)¶Returns the max-age from the response Cache-Control header as an integer
(or None
if it wasn’t found or wasn’t an integer).
patch_response_headers
(response, cache_timeout=None)¶Adds some useful headers to the given HttpResponse
object:
ETag
Last-Modified
Expires
Cache-Control
Each header is only added if it isn’t already set.
cache_timeout
is in seconds. The CACHE_MIDDLEWARE_SECONDS
setting is used by default.
add_never_cache_headers
(response)¶Adds headers to a response to indicate that a page should never be cached.
patch_vary_headers
(response, newheaders)¶Adds (or updates) the Vary
header in the given HttpResponse
object.
newheaders
is a list of header names that should be in Vary
.
Existing headers in Vary
aren’t removed.
get_cache_key
(request, key_prefix=None)¶Returns a cache key based on the request path. It can be used in the request phase because it pulls the list of headers to take into account from the global path registry and uses those to build a cache key to check against.
If there is no headerlist stored, the page needs to be rebuilt, so this
function returns None
.
learn_cache_key
(request, response, cache_timeout=None, key_prefix=None)¶Learns what headers to take into account for some request path from the
response object. It stores those headers in a global path registry so that
later access to that path will know what headers to take into account
without building the response object itself. The headers are named in
the Vary
header of the response, but we want to prevent response
generation.
The list of headers to use for cache key generation is stored in the same cache as the pages themselves. If the cache ages some data out of the cache, this just means that we have to build the response once to get at the Vary header and so at the list of headers to use for the cache key.
django.utils.datastructures
¶SortedDict
¶The django.utils.datastructures.SortedDict
class is a dictionary
that keeps its keys in the order in which they’re inserted.
SortedDict
adds two additional methods to the standard Python dict
class:
insert
(index, key, value)¶Deprecated since version 1.5.
Inserts the key, value pair before the item with the given index.
value_for_index
(index)¶Deprecated since version 1.5.
Returns the value of the item at the given zero-based index.
Creating a new SortedDict
must be done in a way where ordering is
guaranteed. For example:
SortedDict({'b': 1, 'a': 2, 'c': 3})
will not work. Passing in a basic Python dict
could produce unreliable
results. Instead do:
SortedDict([('b', 1), ('a', 2), ('c', 3)])
django.utils.dateparse
¶The functions defined in this module share the following properties:
ValueError
if their input is well formatted but
isn’t a valid date or time.None
if it isn’t well formatted at all.parse_date
(value)¶Parses a string and returns a datetime.date
.
parse_time
(value)¶Parses a string and returns a datetime.time
.
UTC offsets aren’t supported; if value
describes one, the result is
None
.
parse_datetime
(value)¶Parses a string and returns a datetime.datetime
.
UTC offsets are supported; if value
describes one, the result’s
tzinfo
attribute is a FixedOffset
instance.
django.utils.decorators
¶method_decorator
(decorator)¶Converts a function decorator into a method decorator. See decorating class based views for example usage.
decorator_from_middleware
(middleware_class)¶Given a middleware class, returns a view decorator. This lets you use middleware functionality on a per-view basis. The middleware is created with no params passed.
decorator_from_middleware_with_args
(middleware_class)¶Like decorator_from_middleware
, but returns a function
that accepts the arguments to be passed to the middleware_class.
For example, the cache_page()
decorator is created from the CacheMiddleware
like this:
cache_page = decorator_from_middleware_with_args(CacheMiddleware)
@cache_page(3600)
def my_view(request):
pass
django.utils.encoding
¶StrAndUnicode
¶A class that derives __str__
from __unicode__
.
On Python 2, __str__
returns the output of __unicode__
encoded as
a UTF-8 bytestring. On Python 3, __str__
returns the output of
__unicode__
.
Useful as a mix-in. If you support Python 2 and 3 with a single code base,
you can inherit this mix-in and just define __unicode__
.
python_2_unicode_compatible
()¶A decorator that defines __unicode__
and __str__
methods under
Python 2. Under Python 3 it does nothing.
To support Python 2 and 3 with a single code base, define a __str__
method returning text and apply this decorator to the class.
smart_text
(s, encoding='utf-8', strings_only=False, errors='strict')¶Returns a text object representing s
– unicode
on Python 2 and
str
on Python 3. Treats bytestrings using the encoding
codec.
If strings_only
is True
, don’t convert (some) non-string-like
objects.
smart_unicode
(s, encoding='utf-8', strings_only=False, errors='strict')¶Historical name of smart_text()
. Only available under Python 2.
is_protected_type
(obj)¶Determine if the object instance is of a protected type.
Objects of protected types are preserved as-is when passed to
force_text(strings_only=True)
.
force_text
(s, encoding='utf-8', strings_only=False, errors='strict')¶Similar to smart_text
, except that lazy instances are resolved to
strings, rather than kept as lazy objects.
If strings_only
is True
, don’t convert (some) non-string-like
objects.
force_unicode
(s, encoding='utf-8', strings_only=False, errors='strict')¶Historical name of force_text()
. Only available under Python 2.
smart_bytes
(s, encoding='utf-8', strings_only=False, errors='strict')¶Returns a bytestring version of s
, encoded as specified in
encoding
.
If strings_only
is True
, don’t convert (some) non-string-like
objects.
force_bytes
(s, encoding='utf-8', strings_only=False, errors='strict')¶Similar to smart_bytes
, except that lazy instances are resolved to
bytestrings, rather than kept as lazy objects.
If strings_only
is True
, don’t convert (some) non-string-like
objects.
smart_str
(s, encoding='utf-8', strings_only=False, errors='strict')¶Alias of smart_bytes()
on Python 2 and smart_text()
on Python
3. This function returns a str
or a lazy string.
For instance, this is suitable for writing to sys.stdout
on
Python 2 and 3.
force_str
(s, encoding='utf-8', strings_only=False, errors='strict')¶Alias of force_bytes()
on Python 2 and force_text()
on Python
3. This function always returns a str
.
iri_to_uri
(iri)¶Convert an Internationalized Resource Identifier (IRI) portion to a URI portion that is suitable for inclusion in a URL.
This is the algorithm from section 3.1 of RFC 3987#section-3.1. However, since we are assuming input is either UTF-8 or unicode already, we can simplify things a little from the full method.
Returns an ASCII string containing the encoded result.
filepath_to_uri
(path)¶Convert a file system path to a URI portion that is suitable for inclusion in a URL. The path is assumed to be either UTF-8 or unicode.
This method will encode certain characters that would normally be
recognized as special characters for URIs. Note that this method does not
encode the ‘ character, as it is a valid character within URIs. See
encodeURIComponent()
JavaScript function for more details.
Returns an ASCII string containing the encoded result.
django.utils.feedgenerator
¶Sample usage:
>>> from django.utils import feedgenerator
>>> feed = feedgenerator.Rss201rev2Feed(
... title=u"Poynter E-Media Tidbits",
... link=u"http://www.poynter.org/column.asp?id=31",
... description=u"A group Weblog by the sharpest minds in online media/journalism/publishing.",
... language=u"en",
... )
>>> feed.add_item(
... title="Hello",
... link=u"http://www.holovaty.com/test/",
... description="Testing."
... )
>>> with open('test.rss', 'w') as fp:
... feed.write(fp, 'utf-8')
For simplifying the selection of a generator use feedgenerator.DefaultFeed
which is currently Rss201rev2Feed
For definitions of the different versions of RSS, see: http://web.archive.org/web/20110718035220/http://diveintomark.org/archives/2004/02/04/incompatible-rss
get_tag_uri
(url, date)¶Creates a TagURI.
See http://web.archive.org/web/20110514113830/http://diveintomark.org/archives/2004/05/28/howto-atom-id
SyndicationFeed
¶Base class for all syndication feeds. Subclasses should provide write().
__init__
(title, link, description[, language=None, author_email=None, author_name=None, author_link=None, subtitle=None, categories=None, feed_url=None, feed_copyright=None, feed_guid=None, ttl=None, **kwargs])¶Initialize the feed with the given dictionary of metadata, which applies to the entire feed.
Any extra keyword arguments you pass to __init__
will be stored in
self.feed
.
All parameters should be Unicode objects, except categories
, which
should be a sequence of Unicode objects.
add_item
(title, link, description[, author_email=None, author_name=None, author_link=None, pubdate=None, comments=None, unique_id=None, enclosure=None, categories=(), item_copyright=None, ttl=None, **kwargs])¶Adds an item to the feed. All args are expected to be Python unicode
objects except pubdate
, which is a datetime.datetime
object, and
enclosure
, which is an instance of the Enclosure
class.
num_items
()¶root_attributes
()¶Return extra attributes to place on the root (i.e. feed/channel)
element. Called from write()
.
add_root_elements
(handler)¶Add elements in the root (i.e. feed/channel) element.
Called from write()
.
item_attributes
(item)¶Return extra attributes to place on each item (i.e. item/entry) element.
add_item_elements
(handler, item)¶Add elements on each item (i.e. item/entry) element.
write
(outfile, encoding)¶Outputs the feed in the given encoding to outfile
, which is a
file-like object. Subclasses should override this.
writeString
(encoding)¶Returns the feed in the given encoding as a string.
latest_post_date
()¶Returns the latest item’s pubdate
. If none of them have a
pubdate
, this returns the current date/time.
django.utils.functional
¶cached_property
(object)¶The @cached_property
decorator caches the result of a method with a
single self
argument as a property. The cached result will persist
as long as the instance does, so if the instance is passed around and the
function subsequently invoked, the cached result will be returned.
Consider a typical case, where a view might need to call a model’s method to perform some computation, before placing the model instance into the context, where the template might invoke the method once more:
# the model
class Person(models.Model):
def friends(self):
# expensive computation
...
return friends
# in the view:
if person.friends():
# in the template:
{% for friend in person.friends %}
Here, friends()
will be called twice. Since the instance person
in
the view and the template are the same, @cached_property
can avoid
that:
from django.utils.functional import cached_property
@cached_property
def friends(self):
# expensive computation
...
return friends
Note that as the method is now a property, in Python code it will need to be invoked appropriately:
# in the view:
if person.friends:
The cached value can be treated like an ordinary attribute of the instance:
# clear it, requiring re-computation next time it's called
del person.friends # or delattr(person, "friends")
# set a value manually, that will persist on the instance until cleared
person.friends = ["Huckleberry Finn", "Tom Sawyer"]
As well as offering potential performance advantages, @cached_property
can ensure that an attribute’s value does not change unexpectedly over the
life of an instance. This could occur with a method whose computation is
based on datetime.now()
, or simply if a change were saved to the
database by some other process in the brief interval between subsequent
invocations of a method on the same instance.
allow_lazy
(func, *resultclasses)¶Django offers many utility functions (particularly in django.utils
) that
take a string as their first argument and do something to that string. These
functions are used by template filters as well as directly in other code.
If you write your own similar functions and deal with translations, you’ll face the problem of what to do when the first argument is a lazy translation object. You don’t want to convert it to a string immediately, because you might be using this function outside of a view (and hence the current thread’s locale setting will not be correct).
For cases like this, use the django.utils.functional.allow_lazy()
decorator. It modifies the function so that if it’s called with a lazy
translation as the first argument, the function evaluation is delayed until it
needs to be converted to a string.
For example:
from django.utils.functional import allow_lazy
def fancy_utility_function(s, ...):
# Do some conversion on string 's'
...
fancy_utility_function = allow_lazy(fancy_utility_function, unicode)
The allow_lazy()
decorator takes, in addition to the function to decorate,
a number of extra arguments (*args
) specifying the type(s) that the
original function can return. Usually, it’s enough to include unicode
here
and ensure that your function returns only Unicode strings.
Using this decorator means you can write your function and assume that the input is a proper string, then add support for lazy translation objects at the end.
django.utils.html
¶Usually you should build up HTML using Django’s templates to make use of its
autoescape mechanism, using the utilities in django.utils.safestring
where appropriate. This module provides some additional low level utilitiesfor
escaping HTML.
escape
(text)¶Returns the given text with ampersands, quotes and angle brackets encoded
for use in HTML. The input is first passed through
force_text()
and the output has
mark_safe()
applied.
conditional_escape
(text)¶Similar to escape()
, except that it doesn’t operate on pre-escaped strings,
so it will not double escape.
format_html
(format_string, *args, **kwargs)¶This is similar to str.format, except that it is appropriate for
building up HTML fragments. All args and kwargs are passed through
conditional_escape()
before being passed to str.format
.
For the case of building up small HTML fragments, this function is to be
preferred over string interpolation using %
or str.format
directly,
because it applies escaping to all arguments - just like the Template system
applies escaping by default.
So, instead of writing:
mark_safe(u"%s <b>%s</b> %s" % (some_html,
escape(some_text),
escape(some_other_text),
))
you should instead use:
format_html(u"%{0} <b>{1}</b> {2}",
mark_safe(some_html), some_text, some_other_text)
This has the advantage that you don’t need to apply escape()
to each
argument and risk a bug and an XSS vulnerability if you forget one.
Note that although this function uses str.format
to do the
interpolation, some of the formatting options provided by str.format
(e.g. number formatting) will not work, since all arguments are passed
through conditional_escape()
which (ultimately) calls
force_text()
on the values.
format_html_join
(sep, format_string, args_generator)¶A wrapper of format_html()
, for the common case of a group of
arguments that need to be formatted using the same format string, and then
joined using sep
. sep
is also passed through
conditional_escape()
.
args_generator
should be an iterator that returns the sequence of
args
that will be passed to format_html()
. For example:
format_html_join('\n', "<li>{0} {1}</li>", ((u.first_name, u.last_name)
for u in users))
Tries to remove anything that looks like an HTML tag from the string, that
is anything contained within <>
.
Absolutely NO guarantee is provided about the resulting string being
HTML safe. So NEVER mark safe the result of a strip_tag
call without
escaping it first, for example with escape()
.
For example:
strip_tags(value)
If value
is "<b>Joel</b> <button>is</button> a <span>slug</span>"
the return value will be "Joel is a slug"
.
If you are looking for a more robust solution, take a look at the bleach Python library.
Removes a space-separated list of [X]HTML tag names from the output.
Absolutely NO guarantee is provided about the resulting string being HTML
safe. In particular, it doesn’t work recursively, so the output of
remove_tags("<sc<script>ript>alert('XSS')</sc</script>ript>", "script")
won’t remove the “nested” script tags. So if the value
is untrusted,
NEVER mark safe the result of a remove_tags()
call without escaping it
first, for example with escape()
.
For example:
remove_tags(value, "b span")
If value
is "<b>Joel</b> <button>is</button> a <span>slug</span>"
the
return value will be "Joel <button>is</button> a slug"
.
Note that this filter is case-sensitive.
If value
is "<B>Joel</B> <button>is</button> a <span>slug</span>"
the
return value will be "<B>Joel</B> <button>is</button> a slug"
.
django.utils.http
¶urlquote
(url, safe='/')¶A version of Python’s urllib.quote()
function that can operate on
unicode strings. The url is first UTF-8 encoded before quoting. The
returned string can safely be used as part of an argument to a subsequent
iri_to_uri()
call without double-quoting occurring. Employs lazy
execution.
urlquote_plus
(url, safe='')¶A version of Python’s urllib.quote_plus() function that can operate on
unicode strings. The url is first UTF-8 encoded before quoting. The
returned string can safely be used as part of an argument to a subsequent
iri_to_uri()
call without double-quoting occurring. Employs lazy
execution.
urlencode
(query, doseq=0)¶A version of Python’s urllib.urlencode() function that can operate on unicode strings. The parameters are first case to UTF-8 encoded strings and then encoded as per normal.
Formats the time to ensure compatibility with Netscape’s cookie standard.
Accepts a floating point number expressed in seconds since the epoch in
UTC–such as that outputted by time.time()
. If set to None
,
defaults to the current time.
Outputs a string in the format Wdy, DD-Mon-YYYY HH:MM:SS GMT
.
http_date
(epoch_seconds=None)¶Formats the time to match the RFC 1123 date format as specified by HTTP RFC 2616#section-3.3.1 section 3.3.1.
Accepts a floating point number expressed in seconds since the epoch in
UTC–such as that outputted by time.time()
. If set to None
,
defaults to the current time.
Outputs a string in the format Wdy, DD Mon YYYY HH:MM:SS GMT
.
base36_to_int
(s)¶Converts a base 36 string to an integer. On Python 2 the output is
guaranteed to be an int
and not a long
.
int_to_base36
(i)¶Converts a positive integer to a base 36 string. On Python 2 i
must be
smaller than sys.maxint
.
django.utils.safestring
¶Functions and classes for working with “safe strings”: strings that can be displayed safely without further escaping in HTML. Marking something as a “safe string” means that the producer of the string has already turned characters that should not be interpreted by the HTML engine (e.g. ‘<’) into the appropriate entities.
SafeBytes
¶A bytes
subclass that has been specifically marked as “safe”
(requires no further escaping) for HTML output purposes.
SafeString
¶A str
subclass that has been specifically marked as “safe”
(requires no further escaping) for HTML output purposes. This is
SafeBytes
on Python 2 and SafeText
on Python 3.
SafeText
¶A str
(in Python 3) or unicode
(in Python 2) subclass
that has been specifically marked as “safe” for HTML output purposes.
mark_safe
(s)¶Explicitly mark a string as safe for (HTML) output purposes. The returned object can be used everywhere a string or unicode object is appropriate.
Can be called multiple times on a single string.
For building up fragments of HTML, you should normally be using
django.utils.html.format_html()
instead.
String marked safe will become unsafe again if modified. For example:
>>> mystr = '<b>Hello World</b> '
>>> mystr = mark_safe(mystr)
>>> type(mystr)
<class 'django.utils.safestring.SafeBytes'>
>>> mystr = mystr.strip() # removing whitespace
>>> type(mystr)
<type 'str'>
mark_for_escaping
(s)¶Explicitly mark a string as requiring HTML escaping upon output. Has no
effect on SafeData
subclasses.
Can be called multiple times on a single string (the resulting escaping is only applied once).
django.utils.text
¶slugify
()¶Converts to lowercase, removes non-word characters (alphanumerics and underscores) and converts spaces to hyphens. Also strips leading and trailing whitespace.
For example:
slugify(value)
If value
is "Joel is a slug"
, the output will be "joel-is-a-slug"
.
django.utils.translation
¶For a complete discussion on the usage of the following see the translation documentation.
gettext
(message)¶Translates message
and returns it in a UTF-8 bytestring
ugettext
(message)¶Translates message
and returns it in a unicode string
pgettext
(context, message)¶Translates message
given the context
and returns
it in a unicode string.
For more information, see Contextual markers.
gettext_lazy
(message)¶ugettext_lazy
(message)¶pgettext_lazy
(context, message)¶Same as the non-lazy versions above, but using lazy execution.
gettext_noop
(message)¶ugettext_noop
(message)¶Marks strings for translation but doesn’t translate them now. This can be used to store strings in global variables that should stay in the base language (because they might be used externally) and will be translated later.
ngettext
(singular, plural, number)¶Translates singular
and plural
and returns the appropriate string
based on number
in a UTF-8 bytestring.
ungettext
(singular, plural, number)¶Translates singular
and plural
and returns the appropriate string
based on number
in a unicode string.
npgettext
(context, singular, plural, number)¶Translates singular
and plural
and returns the appropriate string
based on number
and the context
in a unicode string.
ngettext_lazy
(singular, plural, number)¶ungettext_lazy
(singular, plural, number)¶npgettext_lazy
(context, singular, plural, number)¶Same as the non-lazy versions above, but using lazy execution.
string_concat
(*strings)¶Lazy variant of string concatenation, needed for translations that are constructed from multiple parts.
activate
(language)¶Fetches the translation object for a given language and installs it as the current translation object for the current thread.
deactivate
()¶De-installs the currently active translation object so that further _ calls will resolve against the default translation object, again.
deactivate_all
()¶Makes the active translation object a NullTranslations() instance. This is useful when we want delayed translations to appear as the original string for some reason.
override
(language, deactivate=False)¶A Python context manager that uses
django.utils.translation.activate()
to fetch the translation object
for a given language, installing it as the translation object for the
current thread and reinstall the previous active language on exit.
Optionally it can simply deinstall the temporary translation on exit with
django.utils.translation.deactivate()
if the deactivate argument is
True. If you pass None as the language argument, a NullTranslations()
instance is installed while the context is active.
get_language
()¶Returns the currently selected language code.
get_language_bidi
()¶Returns selected language’s BiDi layout:
False
= left-to-right layoutTrue
= right-to-left layoutget_language_from_request
(request, check_path=False)¶Analyzes the request to find what language the user wants the system to show. Only languages listed in settings.LANGUAGES are taken into account. If the user requests a sublanguage where we have a main language, we send out the main language.
If check_path
is True
, the function first checks the requested URL
for whether its path begins with a language code listed in the
LANGUAGES
setting.
to_locale
(language)¶Turns a language name (en-us) into a locale name (en_US).
templatize
(src)¶Turns a Django template into something that is understood by xgettext. It does so by translating the Django translation tags into standard gettext function invocations.
django.utils.timezone
¶get_default_timezone
()¶Returns a tzinfo
instance that represents the
default time zone.
get_default_timezone_name
()¶Returns the name of the default time zone.
get_current_timezone
()¶Returns a tzinfo
instance that represents the
current time zone.
get_current_timezone_name
()¶Returns the name of the current time zone.
activate
(timezone)¶Sets the current time zone. The
timezone
argument must be an instance of a tzinfo
subclass or, if pytz is available, a time zone name.
deactivate
()¶Unsets the current time zone.
override
(timezone)¶This is a Python context manager that sets the current time zone on entry with activate()
, and restores
the previously active time zone on exit. If the timezone
argument is
None
, the current time zone is unset
on entry with deactivate()
instead.
localtime
(value, timezone=None)¶Converts an aware datetime
to a different time zone,
by default the current time zone.
This function doesn’t work on naive datetimes; use make_aware()
instead.
now
()¶Returns an aware or naive datetime
that represents the
current point in time when USE_TZ
is True
or False
respectively.
is_aware
(value)¶Returns True
if value
is aware, False
if it is naive. This
function assumes that value
is a datetime
.
is_naive
(value)¶Returns True
if value
is naive, False
if it is aware. This
function assumes that value
is a datetime
.
Apr 12, 2017