[issue2830] Copy cgi.escape() to html

2010-10-15 Thread Georg Brandl
Georg Brandl added the comment: Refined and applied the patch in r85531. Thanks all! -- resolution: -> fixed status: open -> closed ___ Python tracker ___ _

[issue2830] Copy cgi.escape() to html

2010-08-29 Thread Pablo Mouzo
Changes by Pablo Mouzo : Removed file: http://bugs.python.org/file18667/issue2830.diff ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue2830] Copy cgi.escape() to html

2010-08-29 Thread Pablo Mouzo
Pablo Mouzo added the comment: I'm attaching a new patch with the documentation updated. I agree with Georg that it'd be better to escape everything by default. Are there any good reasons not to? -- Added file: http://bugs.python.org/file18677/issue2830.diff _

[issue2830] Copy cgi.escape() to html

2010-08-28 Thread Georg Brandl
Georg Brandl added the comment: The docs are still not updated for the quote. I wonder if we shouldn't make the second argument True by default, while we're at it (or ignore it altogether and always escape everything) -- it would make the escape() much safer to use. Also quoting "'" already

[issue2830] Copy cgi.escape() to html

2010-08-28 Thread Pablo Mouzo
Pablo Mouzo added the comment: I'm attaching a new patch without escaping the slash. -- Added file: http://bugs.python.org/file18667/issue2830.diff ___ Python tracker ___ ___

[issue2830] Copy cgi.escape() to html

2010-08-28 Thread Pablo Mouzo
Changes by Pablo Mouzo : Removed file: http://bugs.python.org/file18636/issue2830.diff ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue2830] Copy cgi.escape() to html

2010-08-24 Thread Fred L. Drake, Jr.
Fred L. Drake, Jr. added the comment: Encoding the forward slash should not cause problems, but the quote “forward slash is included as it helps end an HTML entity” is confused; there's no need or additional value in escaping the forward slash. -- nosy: +fdrake

[issue2830] Copy cgi.escape() to html

2010-08-24 Thread Éric Araujo
Éric Araujo added the comment: The link says “forward slash is included as it helps end an HTML entity”, which I don’t understand. -- nosy: +eric.araujo ___ Python tracker ___ _

[issue2830] Copy cgi.escape() to html

2010-08-24 Thread Pablo Mouzo
Pablo Mouzo added the comment: Sorry about that, I have no idea how I managed to generate that diff. I'm attaching the correct patch. About the slash, there's a link in #9061 that recommends to escape the slash too because it's used to close tags in HTML. Is there any chance that escaping it

[issue2830] Copy cgi.escape() to html

2010-08-24 Thread Pablo Mouzo
Changes by Pablo Mouzo : Removed file: http://bugs.python.org/file18619/issue2830.diff ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue2830] Copy cgi.escape() to html

2010-08-24 Thread Georg Brandl
Georg Brandl added the comment: The actual implementation seems to be missing in the new patch; also the docs are not updated. Is it necessary to escape the slash? -- ___ Python tracker __

[issue2830] Copy cgi.escape() to html

2010-08-23 Thread Pablo Mouzo
Changes by Pablo Mouzo : Removed file: http://bugs.python.org/file18612/issue2830.diff ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue2830] Copy cgi.escape() to html

2010-08-23 Thread Pablo Mouzo
Pablo Mouzo added the comment: Thanks Georg for the review, I'm attaching a new patch with those problems fixed. The new patch escapes ' when the quote parameter is true, and / always. -- Added file: http://bugs.python.org/file18619/issue2830.diff _

[issue2830] Copy cgi.escape() to html

2010-08-23 Thread Georg Brandl
Georg Brandl added the comment: Looks good already. Two points: * if we do the move, we should finally make sure all problematic characters are escaped. For now, I think the single quote is the most important one in attribute mode. * the new docs for cgi.escape() are missing a newline betw

[issue2830] Copy cgi.escape() to html

2010-08-22 Thread Pablo Mouzo
Pablo Mouzo added the comment: I'm attaching a patch against py3k trunk that moves the function to the html module and fixes the documentation as Brett asked for. It also changes all the occurrences of cgi.escape I found for html.escape . -- keywords: +patch nosy: +pablomouzo Added fi

[issue2830] Copy cgi.escape() to html

2010-07-31 Thread Georg Brandl
Georg Brandl added the comment: In light of #9061, it should also start quoting single quotes when the arg is true. Since this function is called a LOT, it might also make sense to trivially implement it in C. If there are no objections, I can do that for 3.2. -- nosy: +georg.brandl

[issue2830] Copy cgi.escape() to html

2010-07-04 Thread Brett Cannon
Changes by Brett Cannon : -- versions: +Python 3.2 -Python 2.6, Python 3.0 ___ Python tracker ___ ___ Python-bugs-list mailing list Uns

[issue2830] Copy cgi.escape() to html

2010-07-04 Thread Brett Cannon
Brett Cannon added the comment: Yep since it is not a critical change. If someone came up with a patch to move the code and docs over, make cgi.escape use the moved code, and add a PendingDeprecationWarning then it would get done. -- keywords: +easy priority: normal -> low __

[issue2830] Copy cgi.escape() to html

2010-07-04 Thread Mark Lawrence
Mark Lawrence added the comment: I'm guessing that this has simply slipped under the radar. -- nosy: +BreamoreBoy ___ Python tracker ___ _

[issue2830] Copy cgi.escape() to html

2008-05-11 Thread Brett Cannon
New submission from Brett Cannon <[EMAIL PROTECTED]>: cgi.escape() really belong in the new 'html' package. -- components: Library (Lib) messages: 66704 nosy: brett.cannon priority: normal severity: normal status: open title: Copy cgi.escape() to html type: feature request versions: Pyth