[Checkins] SVN: zope.tal/trunk/src/zope/tal/tal Towards Py3K: use html.escape instead of cgi.escape

Marius Gedminas cvs-admin at zope.org
Thu Feb 7 23:05:02 UTC 2013 

Log message for revision 129196:
  Towards Py3K: use html.escape instead of cgi.escape
  
  There's one difference -- html.escape also escapes single quotes ('),
  while cgi.escape doesn't.  html.escape doesn't exist on Python 2.x,
  while cgi.escape emits a deprecation warning on Python 3.x.  To get
  unified behavior across all Python versions I had to inline the escape
  function in zope.tal.taldefs.quote().

Changed:
  U   zope.tal/trunk/src/zope/tal/taldefs.py
  U   zope.tal/trunk/src/zope/tal/talgenerator.py

-=-
Modified: zope.tal/trunk/src/zope/tal/taldefs.py
===================================================================
--- zope.tal/trunk/src/zope/tal/taldefs.py	2013-02-07 23:04:58 UTC (rev 129195)
+++ zope.tal/trunk/src/zope/tal/taldefs.py	2013-02-07 23:05:01 UTC (rev 129196)
@@ -193,7 +193,9 @@
     s = s.replace('"', '"')
     return s
 
-import cgi
-def quote(s, escape=cgi.escape):
-    return '"%s"' % escape(s, 1)
-del cgi
+def quote(s):
+    s = s.replace("&", "&") # Must be done first!
+    s = s.replace("<", "&lt;")
+    s = s.replace(">", "&gt;")
+    s = s.replace('"', "&quot;")
+    return '"%s"' % s

Modified: zope.tal/trunk/src/zope/tal/talgenerator.py
===================================================================
--- zope.tal/trunk/src/zope/tal/talgenerator.py	2013-02-07 23:04:58 UTC (rev 129195)
+++ zope.tal/trunk/src/zope/tal/talgenerator.py	2013-02-07 23:05:01 UTC (rev 129196)
@@ -13,9 +13,15 @@
 ##############################################################################
 """Code generator for TALInterpreter intermediate code.
 """
-import cgi
 import re
 
+try:
+    # Python 3.x
+    from html import escape
+except ImportError:
+    # Python 2.x
+    from cgi import escape
+
 from zope.tal import taldefs
 from zope.tal.taldefs import NAME_RE, TAL_VERSION
 from zope.tal.taldefs import I18NError, METALError, TALError
@@ -257,7 +263,7 @@
         self.emit("rawtext", text)
 
     def emitText(self, text):
-        self.emitRawText(cgi.escape(text))
+        self.emitRawText(escape(text, False))
 
     def emitDefines(self, defines):
         for part in taldefs.splitParts(defines):

More information about the checkins mailing list