[Zope3-checkins] SVN: Zope3/trunk/src/zope/app/form/browser/source.py treat text like text when generating markup

Fred L. Drake, Jr. fdrake at gmail.com
Thu Jul 14 17:04:25 EDT 2005


Log message for revision 33323:
  treat text like text when generating markup

Changed:
  U   Zope3/trunk/src/zope/app/form/browser/source.py

-=-
Modified: Zope3/trunk/src/zope/app/form/browser/source.py
===================================================================
--- Zope3/trunk/src/zope/app/form/browser/source.py	2005-07-14 19:07:44 UTC (rev 33322)
+++ Zope3/trunk/src/zope/app/form/browser/source.py	2005-07-14 21:04:25 UTC (rev 33323)
@@ -16,6 +16,8 @@
 $Id$
 """
 import cgi
+import xml.sax.saxutils
+
 import zope.schema.interfaces
 from zope.schema.interfaces import ISourceQueriables, ValidationError
 from zope.app import zapi 
@@ -66,7 +68,7 @@
                 value = self._translate(_("SourceDisplayWidget-invalid",
                                           default="Invalid value"))
             else:
-                value = cgi.escape(term.title)
+                value = xml.sax.saxutils.escape(term.title)
 
         return value
 
@@ -91,7 +93,7 @@
                 value = self._translate(_("SourceDisplayWidget-invalid",
                                           default="Invalid value"))
             else:
-                value = cgi.escape(term.title)
+                value = xml.sax.saxutils.escape(term.title)
 
             result.append(value)
 
@@ -215,7 +217,7 @@
                               )
                 result.append('    </div>')
                 result.append('    <div class="field">')
-                result.append(u'     ' + cgi.escape(term.title))
+                result.append(u'     ' + xml.sax.saxutils.escape(term.title))
                 result.append('    </div>')
                 result.append('  </div>')
                 result.append('  <input type="hidden" name="%s" value="%s">'
@@ -407,7 +409,7 @@
                         ' value="%s">'
                         % (self.name, cgi.escape(term.token))
                         )
-                    result.append('  ' + cgi.escape(term.title))
+                    result.append('  ' + xml.sax.saxutils.escape(term.title))
                     result.append(
                         '  <input type="hidden" name="%s:list" value="%s">'
                         % (self.name, cgi.escape(term.token)))



More information about the Zope3-Checkins mailing list