[Zope3-checkins]
SVN: Zope3/trunk/src/zope/app/form/browser/source.py
treat text like text when generating markup
Fred L. Drake, Jr.
fdrake at gmail.com
Thu Jul 14 17:04:25 EDT 2005
Log message for revision 33323:
treat text like text when generating markup
Changed:
U Zope3/trunk/src/zope/app/form/browser/source.py
-=-
Modified: Zope3/trunk/src/zope/app/form/browser/source.py
===================================================================
--- Zope3/trunk/src/zope/app/form/browser/source.py 2005-07-14 19:07:44 UTC (rev 33322)
+++ Zope3/trunk/src/zope/app/form/browser/source.py 2005-07-14 21:04:25 UTC (rev 33323)
@@ -16,6 +16,8 @@
$Id$
"""
import cgi
+import xml.sax.saxutils
+
import zope.schema.interfaces
from zope.schema.interfaces import ISourceQueriables, ValidationError
from zope.app import zapi
@@ -66,7 +68,7 @@
value = self._translate(_("SourceDisplayWidget-invalid",
default="Invalid value"))
else:
- value = cgi.escape(term.title)
+ value = xml.sax.saxutils.escape(term.title)
return value
@@ -91,7 +93,7 @@
value = self._translate(_("SourceDisplayWidget-invalid",
default="Invalid value"))
else:
- value = cgi.escape(term.title)
+ value = xml.sax.saxutils.escape(term.title)
result.append(value)
@@ -215,7 +217,7 @@
)
result.append(' </div>')
result.append(' <div class="field">')
- result.append(u' ' + cgi.escape(term.title))
+ result.append(u' ' + xml.sax.saxutils.escape(term.title))
result.append(' </div>')
result.append(' </div>')
result.append(' <input type="hidden" name="%s" value="%s">'
@@ -407,7 +409,7 @@
' value="%s">'
% (self.name, cgi.escape(term.token))
)
- result.append(' ' + cgi.escape(term.title))
+ result.append(' ' + xml.sax.saxutils.escape(term.title))
result.append(
' <input type="hidden" name="%s:list" value="%s">'
% (self.name, cgi.escape(term.token)))
More information about the Zope3-Checkins
mailing list