[Zope-Checkins] CVS: Releases/Zope/lib/python/TAL -
TALInterpreter.py:1.78.4.3
Evan Simpson
evan at 4-am.com
Wed Oct 1 13:15:27 EDT 2003
Update of /cvs-repository/Releases/Zope/lib/python/TAL
In directory cvs.zope.org:/tmp/cvs-serv10145/lib/python/TAL
Modified Files:
Tag: Zope-2_7-branch
TALInterpreter.py
Log Message:
Completely fix bug #721 by using attrEscape instead of cgi.escape for
dynamic attribute values as well as static values.
=== Releases/Zope/lib/python/TAL/TALInterpreter.py 1.78.4.2 => 1.78.4.3 ===
--- Releases/Zope/lib/python/TAL/TALInterpreter.py:1.78.4.2 Fri Aug 15 10:14:37 2003
+++ Releases/Zope/lib/python/TAL/TALInterpreter.py Wed Oct 1 13:14:56 2003
@@ -24,7 +24,7 @@
from StringIO import StringIO
from DocumentTemplate.DT_Util import ustr
-from TALDefs import TAL_VERSION, TALError, METALError
+from TALDefs import TAL_VERSION, TALError, METALError, attrEscape
from TALDefs import isCurrentVersion, getProgramVersion, getProgramMode
from TALGenerator import TALGenerator
from TranslationContext import TranslationContext
@@ -336,7 +336,7 @@
if value is None:
value = name
else:
- value = '%s="%s"' % (name, escape(value, 1))
+ value = '%s="%s"' % (name, attrEscape(value))
return 1, name, value
def attrAction_tal(self, item):
@@ -369,7 +369,7 @@
value = translated
if value is None:
value = name
- value = '%s="%s"' % (name, escape(value, 1))
+ value = '%s="%s"' % (name, attrEscape(value))
return ok, name, value
bytecode_handlers["<attrAction>"] = attrAction
More information about the Zope-Checkins
mailing list