[Erp5-report] r7546 - /erp5/trunk/products/ERP5/bin/genbt5list
nobody at svn.erp5.org
nobody at svn.erp5.org
Wed May 31 00:19:17 CEST 2006
Author: jerome
Date: Wed May 31 00:19:14 2006
New Revision: 7546
URL: http://svn.erp5.org?rev=7546&view=rev
Log:
escape properties using cgi.escape
Modified:
erp5/trunk/products/ERP5/bin/genbt5list
Modified: erp5/trunk/products/ERP5/bin/genbt5list
URL: http://svn.erp5.org/erp5/trunk/products/ERP5/bin/genbt5list?rev=7546&r1=7545&r2=7546&view=diff
==============================================================================
--- erp5/trunk/products/ERP5/bin/genbt5list (original)
+++ erp5/trunk/products/ERP5/bin/genbt5list Wed May 31 00:19:14 2006
@@ -36,6 +36,7 @@
import sys
import tempfile
import shutil
+import cgi
property_list = ('title', 'version', 'description', 'license', 'dependency_list', 'copyright_list')
@@ -88,10 +89,12 @@
for property_id in property_id_list:
property_value = property_dict[property_id]
if type(property_value) == type(''):
- os.write(fd, ' <%s>%s</%s>\n' % (property_id, property_value, property_id))
+ os.write(fd, ' <%s>%s</%s>\n' % (
+ property_id, cgi.escape(property_value), property_id))
else:
for value in property_value:
- os.write(fd, ' <%s>%s</%s>\n' % (property_id, value, property_id))
+ os.write(fd, ' <%s>%s</%s>\n' % (
+ property_id, cgi.escape(value), property_id))
os.write(fd, ' </template>\n')
info('done\n')
finally:
More information about the Erp5-report
mailing list