thomas
/
website
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

properly html-escape included files

Thomas B 7 months ago
parent
e8f902b236
commit
532b472e43
1 changed files with 7 additions and 1 deletions
Unified View Show Diff Stats
  1. 7
    1
      macros.py

+ 7
- 1
macros.py View File

18 
 PY3 = sys.version_info[0] == 3
 18 
 PY3 = sys.version_info[0] == 3
19
19
20 
 if PY3:
 20 
 if PY3:
21 
+    import html
21 
     import urllib
 22 
     import urllib
22 
     import urllib.request
 23 
     import urllib.request
23 
     from urllib.error import HTTPError, URLError
 24 
     from urllib.error import HTTPError, URLError
24 
     def urlparse_foo(link):
 25 
     def urlparse_foo(link):
25 
         return urllib.parse.parse_qs(urllib.parse.urlparse(link).query)['v'][0]
 26 
         return urllib.parse.parse_qs(urllib.parse.urlparse(link).query)['v'][0]
26 
 else:
 27 
 else:
28 
+    import cgi
27 
     import urllib
 29 
     import urllib
28 
     import urlparse
 30 
     import urlparse
29 
     def urlparse_foo(link):
 31 
     def urlparse_foo(link):
583
585
584 
 def include_url(url):
 586 
 def include_url(url):
585 
     data = http_request(url)
 587 
     data = http_request(url)
586 
-    print(data, end="")
588 
+    if PY3:
589 
+        encoded = html.escape(data)
590 
+    else:
591 
+        encoded = cgi.escape(data)
592 
+    print(encoded, end="")
587
593
588 
 # -----------------------------------------------------------------------------
 594 
 # -----------------------------------------------------------------------------
589 
 # preconvert hooks
 595 
 # preconvert hooks

Write Preview
Loading…
Cancel
Save