Mercurial > genshi > genshi-test
comparison markup/filters.py @ 54:01981cbc7575
Fix a number of escaping problems:
* `Markup` instances were get escaped
* Expressions in text nodes no longer escape quotes (#9)
| author | cmlenz |
|---|---|
| date | Tue, 04 Jul 2006 13:09:36 +0000 |
| parents | b8456279c444 |
| children | 822089ae65ce |
comparison
equal
deleted
inserted
replaced
| 53:60f1a556690e | 54:01981cbc7575 |
|---|---|
| 116 prev_kind = None | 116 prev_kind = None |
| 117 for kind, data, pos in stream: | 117 for kind, data, pos in stream: |
| 118 if kind is Stream.TEXT: | 118 if kind is Stream.TEXT: |
| 119 textbuf.append(data) | 119 textbuf.append(data) |
| 120 elif prev_kind is Stream.TEXT: | 120 elif prev_kind is Stream.TEXT: |
| 121 text = Markup('').join(textbuf) | 121 text = Markup('').join(textbuf, escape_quotes=False) |
| 122 text = self._TRAILING_SPACE.sub('', text) | 122 text = self._TRAILING_SPACE.sub('', text) |
| 123 text = self._LINE_COLLAPSE.sub('\n', text) | 123 text = self._LINE_COLLAPSE.sub('\n', text) |
| 124 yield Stream.TEXT, Markup(text), pos | 124 yield Stream.TEXT, Markup(text), pos |
| 125 del textbuf[:] | 125 del textbuf[:] |
| 126 prev_kind = kind | 126 prev_kind = kind |
| 127 if kind is not Stream.TEXT: | 127 if kind is not Stream.TEXT: |
| 128 yield kind, data, pos | 128 yield kind, data, pos |
| 129 | 129 |
| 130 if textbuf: | 130 if textbuf: |
| 131 text = self._LINE_COLLAPSE.sub('\n', ''.join(textbuf)) | 131 text = Markup('').join(textbuf, escape_quotes=False) |
| 132 text = self._TRAILING_SPACE.sub('', text) | |
| 133 text = self._LINE_COLLAPSE.sub('\n', text) | |
| 132 yield Stream.TEXT, Markup(text), pos | 134 yield Stream.TEXT, Markup(text), pos |
| 133 | 135 |
| 134 | 136 |
| 135 class HTMLSanitizer(object): | 137 class HTMLSanitizer(object): |
| 136 """A filter that removes potentially dangerous HTML tags and attributes | 138 """A filter that removes potentially dangerous HTML tags and attributes |