Mercurial > genshi > genshi-test
comparison markup/filters.py @ 54:01981cbc7575
Fix a number of escaping problems:
* `Markup` instances were get escaped
* Expressions in text nodes no longer escape quotes (#9)
author | cmlenz |
---|---|
date | Tue, 04 Jul 2006 13:09:36 +0000 |
parents | b8456279c444 |
children | 822089ae65ce |
comparison
equal
deleted
inserted
replaced
53:60f1a556690e | 54:01981cbc7575 |
---|---|
116 prev_kind = None | 116 prev_kind = None |
117 for kind, data, pos in stream: | 117 for kind, data, pos in stream: |
118 if kind is Stream.TEXT: | 118 if kind is Stream.TEXT: |
119 textbuf.append(data) | 119 textbuf.append(data) |
120 elif prev_kind is Stream.TEXT: | 120 elif prev_kind is Stream.TEXT: |
121 text = Markup('').join(textbuf) | 121 text = Markup('').join(textbuf, escape_quotes=False) |
122 text = self._TRAILING_SPACE.sub('', text) | 122 text = self._TRAILING_SPACE.sub('', text) |
123 text = self._LINE_COLLAPSE.sub('\n', text) | 123 text = self._LINE_COLLAPSE.sub('\n', text) |
124 yield Stream.TEXT, Markup(text), pos | 124 yield Stream.TEXT, Markup(text), pos |
125 del textbuf[:] | 125 del textbuf[:] |
126 prev_kind = kind | 126 prev_kind = kind |
127 if kind is not Stream.TEXT: | 127 if kind is not Stream.TEXT: |
128 yield kind, data, pos | 128 yield kind, data, pos |
129 | 129 |
130 if textbuf: | 130 if textbuf: |
131 text = self._LINE_COLLAPSE.sub('\n', ''.join(textbuf)) | 131 text = Markup('').join(textbuf, escape_quotes=False) |
132 text = self._TRAILING_SPACE.sub('', text) | |
133 text = self._LINE_COLLAPSE.sub('\n', text) | |
132 yield Stream.TEXT, Markup(text), pos | 134 yield Stream.TEXT, Markup(text), pos |
133 | 135 |
134 | 136 |
135 class HTMLSanitizer(object): | 137 class HTMLSanitizer(object): |
136 """A filter that removes potentially dangerous HTML tags and attributes | 138 """A filter that removes potentially dangerous HTML tags and attributes |