[Zope-Checkins] CVS: Zope/lib/python/TAL - TALDefs.py:1.28.6.4 TALGenerator.py:1.55.6.4
Florent Guillaume
fg@nuxeo.com
Thu, 30 Jan 2003 15:15:05 -0500
Update of /cvs-repository/Zope/lib/python/TAL
In directory cvs.zope.org:/tmp/cvs-serv23953/lib/python/TAL
Modified Files:
Tag: Zope-2_6-branch
TALDefs.py TALGenerator.py
Log Message:
Merge an old bugfix from HEAD that hadn't been merged yet:
Collector #721: preserve syntactically valid character entities in
attributes.
=== Zope/lib/python/TAL/TALDefs.py 1.28.6.3 => 1.28.6.4 ===
--- Zope/lib/python/TAL/TALDefs.py:1.28.6.3 Mon Oct 28 15:45:50 2002
+++ Zope/lib/python/TAL/TALDefs.py Thu Jan 30 15:14:30 2003
@@ -164,3 +164,24 @@
if opcode == "version":
return version
return None
+
+import re
+_ent1_re = re.compile('&(?![A-Z#])', re.I)
+_entch_re = re.compile('&([A-Z][A-Z0-9]*)(?![A-Z0-9;])', re.I)
+_entn1_re = re.compile('&#(?![0-9X])', re.I)
+_entnx_re = re.compile('&(#X[A-F0-9]*)(?![A-F0-9;])', re.I)
+_entnd_re = re.compile('&(#[0-9][0-9]*)(?![0-9;])')
+del re
+
+def attrEscape(s):
+ """Replace special characters '&<>' by character entities,
+ except when '&' already begins a syntactically valid entity."""
+ s = _ent1_re.sub('&', s)
+ s = _entch_re.sub(r'&\1', s)
+ s = _entn1_re.sub('&#', s)
+ s = _entnx_re.sub(r'&\1', s)
+ s = _entnd_re.sub(r'&\1', s)
+ s = s.replace('<', '<')
+ s = s.replace('>', '>')
+ s = s.replace('"', '"')
+ return s
=== Zope/lib/python/TAL/TALGenerator.py 1.55.6.3 => 1.55.6.4 ===
--- Zope/lib/python/TAL/TALGenerator.py:1.55.6.3 Tue Oct 1 11:54:26 2002
+++ Zope/lib/python/TAL/TALGenerator.py Thu Jan 30 15:14:31 2003
@@ -162,7 +162,7 @@
if item[1] is None:
s = item[0]
else:
- s = '%s="%s"' % (item[0], cgi.escape(item[1], 1))
+ s = '%s="%s"' % (item[0], TALDefs.attrEscape(item[1]))
attrlist[i] = item[0], s
new.append(" " + s)
# if no non-optimizable attributes were found, convert to plain text