summaryrefslogtreecommitdiffstats
path: root/Lib/html/__init__.py
diff options
context:
space:
mode:
authorGeorg Brandl <georg@python.org>2010-10-15 15:57:45 (GMT)
committerGeorg Brandl <georg@python.org>2010-10-15 15:57:45 (GMT)
commit1f7fffb308390d10a2c6a4ec624f18cfeef97aeb (patch)
tree65e2437904ba089004c69c77b49e5059623b83fb /Lib/html/__init__.py
parent70543acfa1bce2e5f448d8d0085df595bfa9a2f9 (diff)
downloadcpython-1f7fffb308390d10a2c6a4ec624f18cfeef97aeb.zip
cpython-1f7fffb308390d10a2c6a4ec624f18cfeef97aeb.tar.gz
cpython-1f7fffb308390d10a2c6a4ec624f18cfeef97aeb.tar.bz2
#2830: add html.escape() helper and move cgi.escape() uses in the standard library to it. It defaults to quote=True and also escapes single quotes, which makes casual use safer. The cgi.escape() interface is not touched, but emits a (silent) PendingDeprecationWarning.
Diffstat (limited to 'Lib/html/__init__.py')
-rw-r--r--Lib/html/__init__.py21
1 files changed, 20 insertions, 1 deletions
diff --git a/Lib/html/__init__.py b/Lib/html/__init__.py
index 196d378..335d214 100644
--- a/Lib/html/__init__.py
+++ b/Lib/html/__init__.py
@@ -1 +1,20 @@
-# This directory is a Python package.
+"""
+General functions for HTML manipulation.
+"""
+
+
+_escape_map = {ord('&'): '&amp;', ord('<'): '&lt;', ord('>'): '&gt;'}
+_escape_map_full = {ord('&'): '&amp;', ord('<'): '&lt;', ord('>'): '&gt;',
+ ord('"'): '&quot;', ord('\''): '&#x27;'}
+
+# NB: this is a candidate for a bytes/string polymorphic interface
+
+def escape(s, quote=True):
+ """
+ Replace special characters "&", "<" and ">" to HTML-safe sequences.
+ If the optional flag quote is true (the default), the quotation mark
+ character (") is also translated.
+ """
+ if quote:
+ return s.translate(_escape_map_full)
+ return s.translate(_escape_map)