diff options
author | Georg Brandl <georg@python.org> | 2010-10-15 15:57:45 (GMT) |
---|---|---|
committer | Georg Brandl <georg@python.org> | 2010-10-15 15:57:45 (GMT) |
commit | 1f7fffb308390d10a2c6a4ec624f18cfeef97aeb (patch) | |
tree | 65e2437904ba089004c69c77b49e5059623b83fb /Lib/html/__init__.py | |
parent | 70543acfa1bce2e5f448d8d0085df595bfa9a2f9 (diff) | |
download | cpython-1f7fffb308390d10a2c6a4ec624f18cfeef97aeb.zip cpython-1f7fffb308390d10a2c6a4ec624f18cfeef97aeb.tar.gz cpython-1f7fffb308390d10a2c6a4ec624f18cfeef97aeb.tar.bz2 |
#2830: add html.escape() helper and move cgi.escape() uses in the standard library to it. It defaults to quote=True and also escapes single quotes, which makes casual use safer. The cgi.escape() interface is not touched, but emits a (silent) PendingDeprecationWarning.
Diffstat (limited to 'Lib/html/__init__.py')
-rw-r--r-- | Lib/html/__init__.py | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/Lib/html/__init__.py b/Lib/html/__init__.py index 196d378..335d214 100644 --- a/Lib/html/__init__.py +++ b/Lib/html/__init__.py @@ -1 +1,20 @@ -# This directory is a Python package. +""" +General functions for HTML manipulation. +""" + + +_escape_map = {ord('&'): '&', ord('<'): '<', ord('>'): '>'} +_escape_map_full = {ord('&'): '&', ord('<'): '<', ord('>'): '>', + ord('"'): '"', ord('\''): '''} + +# NB: this is a candidate for a bytes/string polymorphic interface + +def escape(s, quote=True): + """ + Replace special characters "&", "<" and ">" to HTML-safe sequences. + If the optional flag quote is true (the default), the quotation mark + character (") is also translated. + """ + if quote: + return s.translate(_escape_map_full) + return s.translate(_escape_map) |