John Bokma wrote: >> Why cgi.escape should NOT be changed: >> o it is current used in lots of code and changing it will almost >> certainly break some of it, test suites at minimum e.g. >> assert my_template_system("<p>{foo}</p>", foo='"') == '<p>"</p>' > > You must be kidding.
Nope. How do you write your templating system unit tests? >> o escaping attribute values is less common than escaping element >> text > > Again, you must be kidding: href="/search.cgi?query=3&results=10" > Actually, I wasn't kidding. I was basing this belief on greping through the Python standard library where only the quote=None form is ever used. It also matches my experience. But I don't have a large enough sample to make any claim either way. Cheers, Brian -- http://mail.python.org/mailman/listinfo/python-list