Brian Quinlan wrote: > I'd have to dig through the revision history to be sure, but I imagine > that cgi.escape was originally only used in the cgi module (and there > only in it's various print_* functions). Then it started being used by > other core Python modules e.g. cgitb, DocXMLRPCServer.
nah, it's an official API for simple HTML/XML escaping, and it's perfectly usable for what it's supposed to be used for. however, if you're doing serious web hacking, you *should* of course work at the XHTML information set level whenever you can, where you focus on the data you want to publish (using Unicode strings for any- thing that's even remotely resembles human text), and the framework makes sure that it gets to the other side in once piece, using HTML4 or XHTML as necessary, and escaping and encoding things properly and efficiently on the way. it's 2006. transferring data from Python applications to web browsers is no rocket science. </F> -- http://mail.python.org/mailman/listinfo/python-list