[Erp5-report] r41727 jm - /erp5/trunk/products/PortalTransforms/transforms/safe_html.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Thu Dec 23 17:38:08 CET 2010
Author: jm
Date: Thu Dec 23 17:38:08 2010
New Revision: 41727
URL: http://svn.erp5.org?rev=41727&view=rev
Log:
safe_html: reescape entities, otherwise scrubHTML produces invalid HTML
Modified:
erp5/trunk/products/PortalTransforms/transforms/safe_html.py
Modified: erp5/trunk/products/PortalTransforms/transforms/safe_html.py
URL: http://svn.erp5.org/erp5/trunk/products/PortalTransforms/transforms/safe_html.py?rev=41727&r1=41726&r2=41727&view=diff
==============================================================================
--- erp5/trunk/products/PortalTransforms/transforms/safe_html.py [utf8] (original)
+++ erp5/trunk/products/PortalTransforms/transforms/safe_html.py [utf8] Thu Dec 23 17:38:08 2010
@@ -219,7 +219,7 @@ class StrippingParser(HTMLParser):
self.original_charset = match.group('charset')
v = charset_parser.sub(
CharsetReplacer(self.default_encoding), v)
- self.result.append(' %s="%s"' % (k, v))
+ self.result.append(' %s="%s"' % (k, escape(v, True)))
#UNUSED endTag = '</%s>' % tag
if safeToInt(self.valid.get(tag)):
More information about the Erp5-report
mailing list