Massive clean-up of |safe, |escape and XHTML processing code

Simon Willison · Simon Willison · commit 7295cddd1a6a · 2017-10-21T08:46:20.000-07:00
I think I originally wrote these templates back before Django had auto-
escaping! As a result, they were cluttered with calls to |safe and |escape and
the logic was getting pretty confusing.

I've managed to eliminate every single call to |escape and all but two
(necessary) calls to |safe.

Almost all of the content on my blog should be treated as regular strings
without markup - the the exception of the entry bodies themselves, which are
stored (and validated) as XHTML fragments.

Previously, my various template filters like |typography and |first_paragraph
would each take a string of (hopefully) XHTML, parse that into ElementTree,
process it in some way and then serialize it back to a string again. This
could happen dozens of times on a single page.

I've introduced a new XhtmlString class which allows me to execute that
parsing stage just once, and then pass an object along to each of the filters
that they can then work with. The __str__ method knows how to serialize back
to XML.

I've also introduced a |xhtml filter which expects a string of XHTML and turns
it into one of those objects, treating the markup as markup. Without this
filter, a string will be assumed to be e.g. a title with ampersands in it so
the string will be escaped before being handed to ElementTree.
diff --git a/blog/templatetags/entry_tags.py b/blog/templatetags/entry_tags.py
@@ -1,5 +1,7 @@
 from django import template
 from django.utils.timezone import utc
+from django.utils.html import conditional_escape
+from django.utils.safestring import mark_safe
 from xml.etree import ElementTree
 import re
 import datetime
@@ -8,56 +10,73 @@
 entry_stripper = re.compile('^<entry>(.*?)</entry>$', re.DOTALL)
 
 
-def _back_to_xhtml(et):
-    m = entry_stripper.match(ElementTree.tostring(et, 'unicode'))
-    if m:
-        return m.group(1)
-    else:
-        return '' # If we end up with <entry />
+@register.filter
+def xhtml(xhtml):
+    return XhtmlString(xhtml, contains_markup=True)
+
+
+class XhtmlString(object):
+    def __init__(self, value, contains_markup=False):
+        if isinstance(value, XhtmlString):
+            self.et = value.et
+        else:
+            if not contains_markup:
+                # Handle strings like "this & that"
+                value = conditional_escape(value)
+            self.et = ElementTree.fromstring(
+                '<entry>%s</entry>' % value
+            )
+
+    def __str__(self):
+        m = entry_stripper.match(ElementTree.tostring(self.et, 'unicode'))
+        if m:
+            return mark_safe(m.group(1))
+        else:
+            return '' # If we end up with <entry />
 
 
 @register.filter
 def resize_images_to_fit_width(value, arg):
     max_width = int(arg)
-    et = ElementTree.fromstring('<entry>%s</entry>' % value)
-    for img in et.findall('.//img'):
+    x = XhtmlString(value)
+    for img in x.et.findall('.//img'):
         width = int(img.get('width', 0))
         height = int(img.get('height', 0))
         if width > max_width:
             # Scale down
             img.set('width', str(max_width))
             img.set('height', str(int(float(max_width) / width * height)))
-    return _back_to_xhtml(et)
+    return x
 
 xhtml_endtag_fragment = re.compile('\s*/>')
 
 
 @register.filter
 def xhtml2html(xhtml):
     # &apos; is valid in XML/XHTML but not in regular HTML
-    s = xhtml.replace('&apos;', '&#39;')
-    return xhtml_endtag_fragment.sub('>', s)
+    s = str(xhtml).replace('&apos;', '&#39;')
+    return mark_safe(xhtml_endtag_fragment.sub('>', s))
 
 
 @register.filter
 def remove_quora_paragraph(xhtml):
-    et = ElementTree.fromstring('<entry>%s</entry>' % xhtml)
-    p = et.find('p')
+    x = XhtmlString(xhtml)
+    p = x.et.find('p')
     if p is None:
-        return _back_to_xhtml(et)
+        return x
     if ElementTree.tostring(p, 'unicode').startswith('<p><em>My answer to'):
-        et.remove(p)
-    return _back_to_xhtml(et)
+        x.et.remove(p)
+    return x
 
 
 @register.filter
 def first_paragraph(xhtml):
-    et = ElementTree.fromstring(('<entry>%s</entry>' % xhtml))
-    p = et.find('p')
+    x = XhtmlString(xhtml)
+    p = x.et.find('p')
     if p is not None:
-        return ElementTree.tostring(p, 'unicode')
+        return mark_safe(ElementTree.tostring(p, 'unicode'))
     else:
-        return ('<p>%s</p>' % xhtml)
+        return mark_safe('<p>%s</p>' % xhtml)
 
 
 @register.filter
@@ -78,20 +97,20 @@ def ends_with_punctuation(value):
 
 @register.filter
 def strip_p_ids(xhtml):
-    et = ElementTree.fromstring('<entry>%s</entry>' % xhtml)
-    for p in et.findall('.//p'):
+    x = XhtmlString(xhtml)
+    for p in x.et.findall('.//p'):
         if 'id' in p.attrib:
             del p.attrib['id']
-    return _back_to_xhtml(et)
+    return x
 
 
 @register.filter
 def break_up_long_words(xhtml, length):
     """Breaks up words that are longer than the argument."""
     length = int(length)
-    et = ElementTree.fromstring('<entry>%s</entry>' % xhtml)
-    do_break_long_words(et, length)
-    return _back_to_xhtml(et)
+    x = XhtmlString(xhtml)
+    do_break_long_words(x.et, length)
+    return x
 
 
 def do_break_long_words(et, length):
@@ -126,9 +145,9 @@ def typography(xhtml):
     if not xhtml:
         return xhtml
     "Handles curly quotes and em dashes. Must be fed valid XHTML!"
-    et = ElementTree.fromstring('<entry>%s</entry>' % xhtml)
-    do_typography(et)
-    return _back_to_xhtml(et)
+    x = XhtmlString(xhtml)
+    do_typography(x.et)
+    return x
 
 
 def do_typography(et):
diff --git a/blog/tests.py b/blog/tests.py
@@ -42,3 +42,16 @@ def test_quotation(self):
         response = self.client.get(quotation.get_absolute_url())
         self.assertTemplateUsed(response, 'quotation.html')
         self.assertEqual(response.context['quotation'].pk, quotation.pk)
+
+    def test_markup(self):
+        entry = EntryFactory(
+            title='Hello & goodbye',
+            body='<p>First paragraph</p><p>Second paragraph</p>',
+        )
+        response = self.client.get(entry.get_absolute_url())
+        self.assertContains(response, '''
+            <h2>Hello &amp; goodbye</h2>
+        ''', html=True)
+        self.assertContains(response, '''
+            <p>First paragraph</p><p>Second paragraph</p>
+        '''.strip())
diff --git a/templates/archive_day.html b/templates/archive_day.html
@@ -15,7 +15,7 @@ <h2>{{ date|date:"l, jS F Y"}}</h2>
 {% load blog_calendar %}
 {% render_calendar date %}
 {% if photo %}
-<div class="photos">{% for p in photo %}<a class="photolink" href="{{ p.photopage }}"><img src="{{ p.url_s }}" alt="{{ p.title|escape }}" title="{{ p.title|escape }}"></a>{% endfor %}</div><br style="clear: both">
+<div class="photos">{% for p in photo %}<a class="photolink" href="{{ p.photopage }}"><img src="{{ p.url_s }}" alt="{{ p.title }}" title="{{ p.title }}"></a>{% endfor %}</div><br style="clear: both">
 {% if more_photos %}<a href="https://www.flickr.com/photos/simon/archives/date-posted/{{ date|date:"Y/m/d/"}}">... {{ more_photos }} photo{{ more_photos|pluralize }}</a>{% endif %}
 {% endif %}
 </div>
diff --git a/templates/archive_month.html b/templates/archive_month.html
@@ -10,7 +10,7 @@ <h2>{{ date|date:"F Y"}}</h2>
 <h3>Blog entries</h3>
 <ul>
 {% for entry in entries %}
-<li>{{ entry.created|date:"jS"}}: <strong><a href="{{ entry.get_absolute_url }}">{{ entry.title|escape }}</a></strong></li>
+<li>{{ entry.created|date:"jS"}}: <strong><a href="{{ entry.get_absolute_url }}">{{ entry.title }}</a></strong></li>
 {% endfor %}
 </ul>
 {% endif %}
diff --git a/templates/archive_tag.html b/templates/archive_tag.html
@@ -1,9 +1,9 @@
 {% extends "smallhead.html" %}
 
-{% block title %}Items tagged “{{ tags|join:"” and “"|escape }}”{% endblock %}
+{% block title %}Items tagged “{{ tags|join:"” and “" }}”{% endblock %}
 
 {% block primary %}
-<h2>{{ total }} item{{ total|pluralize }} tagged “{{ tags|join:"” and “"|escape }}”</h2>
+<h2>{{ total }} item{{ total|pluralize }} tagged “{{ tags|join:"” and “" }}”</h2>
 {% load blog_tags %}
 
 {% blog_mixed_list_with_dates items %}
diff --git a/templates/blogmark.html b/templates/blogmark.html
@@ -1,13 +1,13 @@
 {% extends "item_base.html" %}
 
-{% block title %}{{ blogmark.link_title|escape }}{% endblock %}
+{% block title %}{{ blogmark.link_title }}{% endblock %}
 {% load entry_tags %}
 
-{% block card_title %}{{ blogmark.link_title|force_escape|typography }}{% endblock %}
+{% block card_title %}{{ blogmark.link_title|typography }}{% endblock %}
 {% block card_description %}{{ blogmark.commentary|truncatewords:30 }}{% endblock %}
 
 {% block item_content %}
-<p><a href="{{ blogmark.link_url|escape }}">{{ blogmark.link_title|escape }}</a>{% if blogmark.via_url %} (<a href="{{ blogmark.via_url|escape }}" title="{{ blogmark.via_title|escape }}">via</a>){% endif %}{% if not blogmark.via_url and not blogmark.link_title|ends_with_punctuation %}.{% endif %} {{ blogmark.commentary|force_escape|typography }} </p>
+<p><a href="{{ blogmark.link_url }}">{{ blogmark.link_title }}</a>{% if blogmark.via_url %} (<a href="{{ blogmark.via_url }}" title="{{ blogmark.via_title }}">via</a>){% endif %}{% if not blogmark.via_url and not blogmark.link_title|ends_with_punctuation %}.{% endif %} {{ blogmark.commentary|typography }} </p>
 
 <div class="entryFooter">Posted <a href="/{{ blogmark.created|date:"Y/M/j/" }}">{{ blogmark.created|date:"jS F Y" }}</a> at {{ blogmark.created|date:"f A"|lower }}</div>
 {% endblock %}
diff --git a/templates/entry.html b/templates/entry.html
@@ -1,31 +1,31 @@
 {% extends "item_base.html" %}
 {% load entry_tags %}
-{% block title %}{{ entry.title|force_escape|typography }}{% endblock %}
+{% block title %}{{ entry.title|typography }}{% endblock %}
 
-{% block card_title %}{{ entry.title|force_escape|typography }}{% endblock %}
-{% block card_description %}{{ entry.body|remove_quora_paragraph|typography|xhtml2html|striptags|truncatewords:30 }}{% endblock %}
+{% block card_title %}{{ entry.title|typography }}{% endblock %}
+{% block card_description %}{{ entry.body|xhtml|remove_quora_paragraph|typography|xhtml2html|striptags|truncatewords:30 }}{% endblock %}
 
 {% block item_content %}
-<h2>{{ entry.title|force_escape|typography }}</h2>
+<h2>{{ entry.title|typography }}</h2>
 
-{{ entry.body|resize_images_to_fit_width:"450"|typography|xhtml2html|safe }}
+{{ entry.body|xhtml|resize_images_to_fit_width:"450"|typography|xhtml2html }}
 
 <div class="entryFooter">Posted <a href="/{{ entry.created|date:"Y/M/j/" }}">{{ entry.created|date:"jS F Y" }}</a> at {{ entry.created|date:"f A"|lower }} &middot; Follow <a href="https://twitter.com/">@simonw</a> on Twitter</div>
 
 {% endblock %}
 
 {% block secondary %}
 <div class="metabox">
-<p class="this-is">This is <strong>{{ entry.title|force_escape|typography }}</strong> by Simon Willison, posted on <a href="/{{ entry.created|date:"Y/M/j/" }}">{{ entry.created|date:"jS F Y" }}</a>.</p>
+<p class="this-is">This is <strong>{{ entry.title|typography }}</strong> by Simon Willison, posted on <a href="/{{ entry.created|date:"Y/M/j/" }}">{{ entry.created|date:"jS F Y" }}</a>.</p>
 {% if entry.tags.count %}
-<p>Tagged {% for tag in entry.tags.all %}{{ tag.get_reltag|safe }}{% if not forloop.last %}, {% endif %}{% endfor %}</p>
+<p>Tagged {% for tag in entry.tags.all %}{{ tag.get_reltag }}{% if not forloop.last %}, {% endif %}{% endfor %}</p>
 {% endif %}
 
 {% with entry.get_next_by_created as next_entry %}{% if next_entry %}
-<p><strong>Next:</strong> <a href="{{ next_entry.get_absolute_url }}">{{ next_entry.title|escape }}</a></p>
+<p><strong>Next:</strong> <a href="{{ next_entry.get_absolute_url }}">{{ next_entry.title }}</a></p>
 {% endif %}{% endwith %}
 {% with entry.get_previous_by_created as previous_entry %}{% if previous_entry %}
-<p><strong>Previous:</strong> <a href="{{ previous_entry.get_absolute_url }}">{{ previous_entry.title|escape }}</a></p>
+<p><strong>Previous:</strong> <a href="{{ previous_entry.get_absolute_url }}">{{ previous_entry.title }}</a></p>
 {% endif %}{% endwith %}
 </div>
 
diff --git a/templates/feeds/quotation.html b/templates/feeds/quotation.html
@@ -1 +1 @@
-<blockquote{% if obj.source_url %} cite="{{ obj.source_url|escape }}"{% endif %}><p>{{ obj.quotation|escape }}</p></blockquote><p class="cite">&mdash; {% if obj.source_url %}<a href="{{ obj.source_url|escape }}">{{ obj.source|escape }}</a>{% else %}{{ obj.source|escape }}{% endif %}
+<blockquote{% if obj.source_url %} cite="{{ obj.source_url }}"{% endif %}><p>{{ obj.quotation }}</p></blockquote><p class="cite">&mdash; {% if obj.source_url %}<a href="{{ obj.source_url }}">{{ obj.source }}</a>{% else %}{{ obj.source }}{% endif %}
diff --git a/templates/homepage.html b/templates/homepage.html
@@ -10,8 +10,8 @@ <h2 class="overband">Recent entries <a href="/atom/entries/" title="Atom feed of
 {% load entry_tags %}
 {% for entry in entries %}
 <div class="entry segment">
-<h3><a href="{{ entry.get_absolute_url }}" rel="bookmark">{{ entry.title|force_escape|typography|safe }}</a> <span class="textago">{% if entry.is_today %}today{% else %}{{ entry.created|text_ago }}{% endif %}</span></h3>
-{{ entry.body|resize_images_to_fit_width:"450"|typography|strip_p_ids|xhtml2html|safe }}
+<h3><a href="{{ entry.get_absolute_url }}" rel="bookmark">{{ entry.title|typography }}</a> <span class="textago">{% if entry.is_today %}today{% else %}{{ entry.created|text_ago }}{% endif %}</span></h3>
+{{ entry.body|xhtml|resize_images_to_fit_width:"450"|typography|strip_p_ids|xhtml2html }}
 <div class="entryFooter">
 {% entry_footer entry %}
 </div>
@@ -23,15 +23,15 @@ <h3><a href="{{ entry.get_absolute_url }}" rel="bookmark">{{ entry.title|force_e
 <h2 class="overband">Elsewhere <a href="/atom/links/" title="Atom feed of new links"><svg xmlns="https://www.w3.org/2000/svg"  width="14px" height="14px" viewBox="0 0 256 256"><circle cx="68" cy="189" r="24" fill="#FFF"/><path fill="#FFF" d="M160 213h-34a82 82 0 0 0-82-82V97a116 116 0 0 1 116 116z"/><path fill="#FFF" d="M184 213A140 140 0 0 0 44 73V38a175 175 0 0 1 175 175z"/></svg></a></h2>
 {% for day in days %}
 <div class="day">
-<h3><a href="{{ day.date|date:"/Y/M/j/" }}">{% if day.special %}{{ day.special|escape }}{% else %}{{ day.date|date:"jS F Y" }}{% endif %}</a></h3>
-{% if day.photos %}<div class="photos">{% for photo in day.photos %}<a href="{{ photo.photopage }}" class="photolink"><img src="{{ photo.url_s }}" alt="{{ photo.title|escape }}" title="{{ photo.title|escape }}"></a>{% endfor %}</div>
+<h3><a href="{{ day.date|date:"/Y/M/j/" }}">{% if day.special %}{{ day.special }}{% else %}{{ day.date|date:"jS F Y" }}{% endif %}</a></h3>
+{% if day.photos %}<div class="photos">{% for photo in day.photos %}<a href="{{ photo.photopage }}" class="photolink"><img src="{{ photo.url_s }}" alt="{{ photo.title }}" title="{{ photo.title }}"></a>{% endfor %}</div>
 <br style="clear: both">{% endif %}
 {% if day.items %}
 <ul>{% for item in day.items %}
   <li>{% ifequal item.type "link" %}
-      <a href="{{ item.obj.link_url|escape }}">{{ item.obj.link_title|escape }}</a>{% if item.obj.via_url %} (<a href="{{ item.obj.via_url|escape }}" title="{{ item.obj.via_title|escape }}">via</a>){% endif %}{% if not item.obj.via_url and not item.obj.link_title|ends_with_punctuation %}.{% endif %} {{ item.obj.commentary|force_escape|typography }} <a href="{{ item.obj.get_absolute_url }}" rel="bookmark">#</a>
+      <a href="{{ item.obj.link_url }}">{{ item.obj.link_title }}</a>{% if item.obj.via_url %} (<a href="{{ item.obj.via_url }}" title="{{ item.obj.via_title }}">via</a>){% endif %}{% if not item.obj.via_url and not item.obj.link_title|ends_with_punctuation %}.{% endif %} {{ item.obj.commentary|typography }} <a href="{{ item.obj.get_absolute_url }}" rel="bookmark">#</a>
       {% else %}
-      <blockquote><p>{{ item.obj.quotation|force_escape|typography|escape }}</p></blockquote><p class="cite">&mdash; {% if item.obj.source_url %}<a href="{{ item.obj.source_url|escape }}">{{ item.obj.source|escape }}</a>{% else %}{{ item.obj.source|escape }}{% endif %} <a href="{{ item.obj.get_absolute_url }}#comments" rel="bookmark">#</a></p>
+      <blockquote><p>{{ item.obj.quotation|typography }}</p></blockquote><p class="cite">&mdash; {% if item.obj.source_url %}<a href="{{ item.obj.source_url }}">{{ item.obj.source }}</a>{% else %}{{ item.obj.source }}{% endif %} <a href="{{ item.obj.get_absolute_url }}#comments" rel="bookmark">#</a></p>
       {% endifequal %}
   </li>
   {% endfor %}
diff --git a/templates/includes/blog_mixed_list.html b/templates/includes/blog_mixed_list.html
@@ -2,29 +2,29 @@
 {% for item in items %}
 {% ifequal item.type "photoset" %}
 <div class="photoset segment">
-  <a class="primary" href="{{ item.obj.get_absolute_url }}"><img class="primary" src="{{ item.obj.primary.url_s }}" alt="{{ item.obj.primary.title|escape }}" width="75" height="75"></a>
-  <h4><a href="{{ item.obj.get_absolute_url }}">{{ item.obj.title|escape }}</a>, a photoset</h4>
+  <a class="primary" href="{{ item.obj.get_absolute_url }}"><img class="primary" src="{{ item.obj.primary.url_s }}" alt="{{ item.obj.primary.title }}" width="75" height="75"></a>
+  <h4><a href="{{ item.obj.get_absolute_url }}">{{ item.obj.title }}</a>, a photoset</h4>
   {% if item.obj.description %}<p>{{ item.obj.description }}</p>{% endif %}
   <p class="meta">{{ item.obj.primary.created|date:"f A"|lower }} / {{ item.obj.photos.count }} photo{{ item.obj.photos.count|pluralize }}{% if item.obj.has_map %} / <a href="{{ item.obj.get_absolute_url }}map/">map</a>{% endif %}</p>
   <br style="clear: both">
 </div>
 {% endifequal %}
 {% ifequal item.type "entry" %}
 <div class="entry segment">
-  <h3><a href="{{ item.obj.get_absolute_url }}" rel="bookmark">{{ item.obj.title|force_escape|typography }}</a></h3>
+  <h3><a href="{{ item.obj.get_absolute_url }}" rel="bookmark">{{ item.obj.title|typography }}</a></h3>
   <p>
-    {{ item.obj.body|remove_quora_paragraph|first_paragraph|typography|xhtml2html|safe }} <span style="font-size: 0.9em">[... <a href="{{ item.obj.get_absolute_url }}">{{ item.obj.body|wordcount }} word{{ item.obj.body|wordcount|pluralize }}</a>]</span></p>
+    {{ item.obj.body|xhtml|remove_quora_paragraph|first_paragraph|typography|xhtml2html }} <span style="font-size: 0.9em">[... <a href="{{ item.obj.get_absolute_url }}">{{ item.obj.body|wordcount }} word{{ item.obj.body|wordcount|pluralize }}</a>]</span></p>
   <div class="entryFooter">
   {% if showdate %}{% entry_footer item.obj %}{% else %}{% entry_footer_no_date item.obj %}{% endif %}
   </div>
 </div> <!-- end div.entry -->
 {% endifequal %}
 {% ifequal item.type "blogmark" %}
-<div class="blogmark segment"><p><a href="{{ item.obj.link_url|escape }}">{{ item.obj.link_title|force_escape|typography }}</a>{% if item.obj.via_url %} (<a href="{{ item.obj.via_url|escape }}" title="{{ item.obj.via_title|force_escape|typography }}">via</a>){% endif %}{% if not item.obj.via_url and not item.obj.link_title|ends_with_punctuation %}.{% endif %} {{ item.obj.commentary|force_escape|typography }} <a href="{{ item.obj.get_absolute_url }}" rel="bookmark">#</a> {% if showdate %}<a href="/{{ item.obj.created|date:"Y/M/j/" }}">{{ item.obj.created|date:"jS F Y" }}</a>, {% endif %}{{ item.obj.created|date:"f A"|lower }}</p>
+<div class="blogmark segment"><p><a href="{{ item.obj.link_url }}">{{ item.obj.link_title|typography }}</a>{% if item.obj.via_url %} (<a href="{{ item.obj.via_url }}" title="{{ item.obj.via_title|typography }}">via</a>){% endif %}{% if not item.obj.via_url and not item.obj.link_title|ends_with_punctuation %}.{% endif %} {{ item.obj.commentary|typography }} <a href="{{ item.obj.get_absolute_url }}" rel="bookmark">#</a> {% if showdate %}<a href="/{{ item.obj.created|date:"Y/M/j/" }}">{{ item.obj.created|date:"jS F Y" }}</a>, {% endif %}{{ item.obj.created|date:"f A"|lower }}</p>
 </div>
 {% endifequal %}
 {% ifequal item.type "quotation" %}
-<div class="quote segment"><blockquote{% if item.obj.source_url %} cite="{{ item.obj.source_url|escape }}"{% endif %}><p>{{ item.obj.quotation|force_escape|typography }}</p></blockquote><p class="cite">&mdash; {% if item.obj.source_url %}<a href="{{ item.obj.source_url|escape }}">{{ item.obj.source|escape }}</a>{% else %}{{ item.obj.source|escape }}{% endif %} <a href="{{ item.obj.get_absolute_url }}#comments" rel="bookmark">#</a> {% if showdate %}<a href="/{{ item.obj.created|date:"Y/M/j/" }}">{{ item.obj.created|date:"jS F Y" }}</a>, {% endif %}{{ item.obj.created|date:"f A"|lower }}</p>
+<div class="quote segment"><blockquote{% if item.obj.source_url %} cite="{{ item.obj.source_url }}"{% endif %}><p>{{ item.obj.quotation|typography }}</p></blockquote><p class="cite">&mdash; {% if item.obj.source_url %}<a href="{{ item.obj.source_url }}">{{ item.obj.source }}</a>{% else %}{{ item.obj.source }}{% endif %} <a href="{{ item.obj.get_absolute_url }}#comments" rel="bookmark">#</a> {% if showdate %}<a href="/{{ item.obj.created|date:"Y/M/j/" }}">{{ item.obj.created|date:"jS F Y" }}</a>, {% endif %}{{ item.obj.created|date:"f A"|lower }}</p>
 </div>
 {% endifequal %}
 {% endfor %}
diff --git a/templates/includes/entry_footer.html b/templates/includes/entry_footer.html
@@ -1 +1 @@
-<a href="{{ entry.get_absolute_url }}" title="Permalink for &quot;{{ entry.title|escape }}&quot;">{{ entry.created|date:"f A"|lower }}</a>{% if showdate %} / <a href="/{{ entry.created|date:"Y/M/j/" }}">{{ entry.created|date:"jS F Y" }}</a>{% endif %}{% if entry.tags.count %} / {% for tag in entry.tags.all %}{{ tag.get_link }}{% if not forloop.last %}, {% endif %}{% endfor %}{% endif %}
+<a href="{{ entry.get_absolute_url }}" title="Permalink for &quot;{{ entry.title }}&quot;">{{ entry.created|date:"f A"|lower }}</a>{% if showdate %} / <a href="/{{ entry.created|date:"Y/M/j/" }}">{{ entry.created|date:"jS F Y" }}</a>{% endif %}{% if entry.tags.count %} / {% for tag in entry.tags.all %}{{ tag.get_link }}{% if not forloop.last %}, {% endif %}{% endfor %}{% endif %}
diff --git a/templates/item_base.html b/templates/item_base.html
diff --git a/templates/quotation.html b/templates/quotation.html
diff --git a/templates/write.html b/templates/write.html

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-<blockquote{% if obj.source_url %} cite="{{ obj.source_url\|escape }}"{% endif %}><p>{{ obj.quotation\|escape }}</p></blockquote><p class="cite">— {% if obj.source_url %}<a href="{{ obj.source_url\|escape }}">{{ obj.source\|escape }}</a>{% else %}{{ obj.source\|escape }}{% endif %}`
	`1`	`+<blockquote{% if obj.source_url %} cite="{{ obj.source_url }}"{% endif %}><p>{{ obj.quotation }}</p></blockquote><p class="cite">— {% if obj.source_url %}<a href="{{ obj.source_url }}">{{ obj.source }}</a>{% else %}{{ obj.source }}{% endif %}`