diff options
author | Marius Gedminas <marius@gedmin.as> | 2013-02-07 23:05:01 +0000 |
---|---|---|
committer | Marius Gedminas <marius@gedmin.as> | 2013-02-07 23:05:01 +0000 |
commit | ba7df3574cdbcce535f70f05bcf8d8e2d09edd91 (patch) | |
tree | 6b73cd4ad9ea173e316f97447c2a402e792c2364 | |
parent | c0ed4d5510cb9bd7f4df104293d0d74e5e5f72b9 (diff) | |
download | zope-tal-ba7df3574cdbcce535f70f05bcf8d8e2d09edd91.tar.gz |
Towards Py3K: use html.escape instead of cgi.escape
There's one difference -- html.escape also escapes single quotes ('),
while cgi.escape doesn't. html.escape doesn't exist on Python 2.x,
while cgi.escape emits a deprecation warning on Python 3.x. To get
unified behavior across all Python versions I had to inline the escape
function in zope.tal.taldefs.quote().
-rw-r--r-- | src/zope/tal/taldefs.py | 10 | ||||
-rw-r--r-- | src/zope/tal/talgenerator.py | 10 |
2 files changed, 14 insertions, 6 deletions
diff --git a/src/zope/tal/taldefs.py b/src/zope/tal/taldefs.py index 3ece743..0715055 100644 --- a/src/zope/tal/taldefs.py +++ b/src/zope/tal/taldefs.py @@ -193,7 +193,9 @@ def attrEscape(s): s = s.replace('"', '"') return s -import cgi -def quote(s, escape=cgi.escape): - return '"%s"' % escape(s, 1) -del cgi +def quote(s): + s = s.replace("&", "&") # Must be done first! + s = s.replace("<", "<") + s = s.replace(">", ">") + s = s.replace('"', """) + return '"%s"' % s diff --git a/src/zope/tal/talgenerator.py b/src/zope/tal/talgenerator.py index 92a679a..db14a4f 100644 --- a/src/zope/tal/talgenerator.py +++ b/src/zope/tal/talgenerator.py @@ -13,9 +13,15 @@ ############################################################################## """Code generator for TALInterpreter intermediate code. """ -import cgi import re +try: + # Python 3.x + from html import escape +except ImportError: + # Python 2.x + from cgi import escape + from zope.tal import taldefs from zope.tal.taldefs import NAME_RE, TAL_VERSION from zope.tal.taldefs import I18NError, METALError, TALError @@ -257,7 +263,7 @@ class TALGenerator(object): self.emit("rawtext", text) def emitText(self, text): - self.emitRawText(cgi.escape(text)) + self.emitRawText(escape(text, False)) def emitDefines(self, defines): for part in taldefs.splitParts(defines): |