[Checkins]
SVN: z3c.formjs/branches/pcardune-client-notify-r87806/src/z3c/formjs/jqueryrenderer.py
make sure we escape quotes in event attribute values
Paul Carduner
paulcarduner at gmail.com
Wed Jul 23 00:44:58 EDT 2008
Log message for revision 88745:
make sure we escape quotes in event attribute values
Changed:
U z3c.formjs/branches/pcardune-client-notify-r87806/src/z3c/formjs/jqueryrenderer.py
-=-
Modified: z3c.formjs/branches/pcardune-client-notify-r87806/src/z3c/formjs/jqueryrenderer.py
===================================================================
--- z3c.formjs/branches/pcardune-client-notify-r87806/src/z3c/formjs/jqueryrenderer.py 2008-07-22 23:05:01 UTC (rev 88744)
+++ z3c.formjs/branches/pcardune-client-notify-r87806/src/z3c/formjs/jqueryrenderer.py 2008-07-23 04:44:56 UTC (rev 88745)
@@ -132,11 +132,15 @@
attrs = set([])
for interface in zope.interface.providedBy(self.event):
attrs.update(interface.names())
- content = '[{%s}]' % ','.join(['"%s":"%s"' % (attr,getattr(self.event, attr))
+ content = '[{%s}]' % ','.join(['"%s":"%s"' % (attr,escape(getattr(self.event, attr)))
for attr in attrs])
return content
+def escape(s):
+ s = unicode(s)
+ return s.replace('"','\\"').replace("'","\\'")
+
class JQueryNotifyClientHandlerRenderer(object):
zope.component.adapts(interfaces.INotifyClientHandler,
IJQueryLayer)
More information about the Checkins
mailing list