Mercurial > p > roundup > code

diff roundup/scripts/roundup_server.py @ 5800:1a835db41674

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Call cgi.escape only on python 2. Replace with html.escapeif it can be found.
author John Rouillard <rouilj@ieee.org>
date Tue, 11 Jun 2019 21:29:24 -0400
parents 320a1692a473
children 883c9e90b403
line wrap: on
line diff
--- a/roundup/scripts/roundup_server.py	Tue Jun 11 21:05:53 2019 -0400
+++ b/roundup/scripts/roundup_server.py	Tue Jun 11 21:29:24 2019 -0400
@@ -36,7 +36,7 @@
 # --/
 
 
-import errno, cgi, getopt, io, os, socket, sys, traceback, time
+import errno, getopt, io, os, socket, sys, traceback, time
 
 try:
     # Python 3.
@@ -57,6 +57,11 @@
 except ImportError:
     SSL = None
 
+try:
+    from html import escape as html_escape  # python 3
+except ImportError:
+    from cgi import escape as html_escape   # python 2 fallback
+
 # python version check
 from roundup import configuration, version_check
 from roundup import __version__ as roundup_version
@@ -243,7 +248,7 @@
                         s = StringIO()
                         traceback.print_exc(None, s)
                         self.wfile.write(b"<pre>")
-                        self.wfile.write(s2b(cgi.escape(s.getvalue())))
+                        self.wfile.write(s2b(html_escape(s.getvalue())))
                         self.wfile.write(b"</pre>\n")
                 else:
                     # user feedback
@@ -289,7 +294,7 @@
             for tracker in keys:
                 w(s2b('<li><a href="%(tracker_url)s/index">%(tracker_name)s</a>\n'%{
                     'tracker_url': urllib_.quote(tracker),
-                    'tracker_name': cgi.escape(tracker)}))
+                    'tracker_name': html_escape(tracker)}))
             w(b'</ol></body></html>')
 
     def inner_run_cgi(self):
Roundup Issue Tracker: http://roundup-tracker.org/