# HG changeset patch # User Andrew Shadura <and...@shadura.me> # Date 1428965992 -7200 # Tue Apr 14 00:59:52 2015 +0200 # Node ID abeb4a96c92a913b61e2fcb9c9c87f4d02ea00a2 # Parent caef25781d8cb4b9e43e0def6b7a199c3f3cb462 lib: remove ineffective html_escape implementation, use escape instead
lib.helpers.html_escape scanned the whole string replacing HTML-unsafe characters; webhelpers, however, use optimised implementation from markupsafe. Also, formencode uses its own implementation, html_quote, which is used in form validators. For uniformity, patch it to use escape function from webhelpers. diff --git a/kallithea/lib/compat.py b/kallithea/lib/compat.py --- a/kallithea/lib/compat.py +++ b/kallithea/lib/compat.py @@ -566,3 +566,7 @@ else: memo[id(self)] = result result.__init__(deepcopy(tuple(self), memo)) return result + +import formencode.rewritingparser +import webhelpers.html +formencode.rewritingparser.html_quote = webhelpers.html.escape diff --git a/kallithea/lib/helpers.py b/kallithea/lib/helpers.py --- a/kallithea/lib/helpers.py +++ b/kallithea/lib/helpers.py @@ -89,19 +89,6 @@ def canonical_hostname(): parts = url('home', qualified=True).split('://', 1) return parts[1].split('/', 1)[0] -def html_escape(text, html_escape_table=None): - """Produce entities within text.""" - if not html_escape_table: - html_escape_table = { - "&": "&", - '"': """, - "'": "'", - ">": ">", - "<": "<", - } - return "".join(html_escape_table.get(c, c) for c in text) - - def shorter(text, size=20): postfix = '...' if len(text) > size: diff --git a/kallithea/tests/functional/test_admin_users.py b/kallithea/tests/functional/test_admin_users.py --- a/kallithea/tests/functional/test_admin_users.py +++ b/kallithea/tests/functional/test_admin_users.py @@ -94,7 +94,7 @@ class TestAdminUsersController(TestContr '_authentication_token': self.authentication_token()}) msg = validators.ValidUsername(False, {})._messages['system_invalid_username'] - msg = h.html_escape(msg % {'username': 'new_user'}) + msg = h.escape(msg % {'username': 'new_user'}) response.mustcontain("""<span class="error-message">%s</span>""" % msg) response.mustcontain("""<span class="error-message">Please enter a value</span>""") response.mustcontain("""<span class="error-message">An email address must contain a single @</span>""") diff --git a/kallithea/tests/functional/test_login.py b/kallithea/tests/functional/test_login.py --- a/kallithea/tests/functional/test_login.py +++ b/kallithea/tests/functional/test_login.py @@ -114,7 +114,7 @@ class TestLoginController(TestController 'lastname': 'test'}) msg = validators.ValidUsername()._messages['username_exists'] - msg = h.html_escape(msg % {'username': uname}) + msg = h.escape(msg % {'username': uname}) response.mustcontain(msg) def test_register_err_same_email(self): @@ -179,7 +179,7 @@ class TestLoginController(TestController response.mustcontain('An email address must contain a single @') msg = validators.ValidUsername()._messages['username_exists'] - msg = h.html_escape(msg % {'username': usr}) + msg = h.escape(msg % {'username': usr}) response.mustcontain(msg) def test_register_special_chars(self): @@ -240,7 +240,7 @@ class TestLoginController(TestController ) msg = validators.ValidSystemEmail()._messages['non_existing_email'] - msg = h.html_escape(msg % {'email': bad_email}) + msg = h.escape(msg % {'email': bad_email}) response.mustcontain() def test_forgot_password(self): diff --git a/kallithea/tests/functional/test_my_account.py b/kallithea/tests/functional/test_my_account.py --- a/kallithea/tests/functional/test_my_account.py +++ b/kallithea/tests/functional/test_my_account.py @@ -181,7 +181,7 @@ class TestMyAccountController(TestContro from kallithea.model import validators msg = validators.ValidUsername(edit=False, old_data={})\ ._messages['username_exists'] - msg = h.html_escape(msg % {'username': 'test_admin'}) + msg = h.escape(msg % {'username': 'test_admin'}) response.mustcontain(u"%s" % msg) def test_my_account_api_keys(self): _______________________________________________ kallithea-general mailing list kallithea-general@sfconservancy.org http://lists.sfconservancy.org/mailman/listinfo/kallithea-general