summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarius Gedminas <marius@gedmin.as>2013-02-07 23:05:01 +0000
committerMarius Gedminas <marius@gedmin.as>2013-02-07 23:05:01 +0000
commitba7df3574cdbcce535f70f05bcf8d8e2d09edd91 (patch)
tree6b73cd4ad9ea173e316f97447c2a402e792c2364
parentc0ed4d5510cb9bd7f4df104293d0d74e5e5f72b9 (diff)
downloadzope-tal-ba7df3574cdbcce535f70f05bcf8d8e2d09edd91.tar.gz
Towards Py3K: use html.escape instead of cgi.escape
There's one difference -- html.escape also escapes single quotes ('), while cgi.escape doesn't. html.escape doesn't exist on Python 2.x, while cgi.escape emits a deprecation warning on Python 3.x. To get unified behavior across all Python versions I had to inline the escape function in zope.tal.taldefs.quote().
Diffstat
-rw-r--r--src/zope/tal/taldefs.py10
-rw-r--r--src/zope/tal/talgenerator.py10
2 files changed, 14 insertions, 6 deletions
diff --git a/src/zope/tal/taldefs.py b/src/zope/tal/taldefs.py
index 3ece743..0715055 100644
--- a/src/zope/tal/taldefs.py
+++ b/src/zope/tal/taldefs.py
@@ -193,7 +193,9 @@ def attrEscape(s):
s = s.replace('"', '&quot;')
return s
-import cgi
-def quote(s, escape=cgi.escape):
- return '"%s"' % escape(s, 1)
-del cgi
+def quote(s):
+ s = s.replace("&", "&amp;") # Must be done first!
+ s = s.replace("<", "&lt;")
+ s = s.replace(">", "&gt;")
+ s = s.replace('"', "&quot;")
+ return '"%s"' % s
diff --git a/src/zope/tal/talgenerator.py b/src/zope/tal/talgenerator.py
index 92a679a..db14a4f 100644
--- a/src/zope/tal/talgenerator.py
+++ b/src/zope/tal/talgenerator.py
@@ -13,9 +13,15 @@
##############################################################################
"""Code generator for TALInterpreter intermediate code.
"""
-import cgi
import re
+try:
+ # Python 3.x
+ from html import escape
+except ImportError:
+ # Python 2.x
+ from cgi import escape
+
from zope.tal import taldefs
from zope.tal.taldefs import NAME_RE, TAL_VERSION
from zope.tal.taldefs import I18NError, METALError, TALError
@@ -257,7 +263,7 @@ class TALGenerator(object):
self.emit("rawtext", text)
def emitText(self, text):
- self.emitRawText(cgi.escape(text))
+ self.emitRawText(escape(text, False))
def emitDefines(self, defines):
for part in taldefs.splitParts(defines):
View Lorry Controller Status