Mercurial > p > roundup > code

changeset 5837:883c9e90b403

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix problem with cgi.escape being depricated a different way. This way uses anypy and is cleaner. Also fixes incorrect/incomplete change that resulted in escaped in TAL generated by TALInterpreter.py. The escaped quotes break javascript etc. defined using tal string: values. TODO: add test cases for TAL. This wouldn't have snuck through for a month if we had good coverage of that library.
author John Rouillard <rouilj@ieee.org>
date Sat, 06 Jul 2019 13:12:58 -0400
parents 75586a0c26c0
children b74f0b50bef1
files roundup/anypy/html.py roundup/backends/sessions_dbm.py roundup/backends/sessions_rdbms.py roundup/cgi/PageTemplates/TALES.py roundup/cgi/TAL/TALGenerator.py roundup/cgi/TAL/TALInterpreter.py roundup/cgi/actions.py roundup/cgi/cgitb.py roundup/cgi/client.py roundup/cgi/exceptions.py roundup/cgi/templating.py roundup/cgi/wsgi_handler.py roundup/scripts/roundup_server.py
diffstat 13 files changed, 21 insertions(+), 46 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/roundup/anypy/html.py	Sat Jul 06 13:12:58 2019 -0400
@@ -0,0 +1,8 @@
+try:
+    from html import escape as html_escape_ # python 3
+    def html_escape(str, quote=False):
+        # html_escape under python 3 sets quote to true by default
+        # make it python 2 compatible
+        return html_escape_(str, quote=quote)
+except ImportError:
+    from cgi import escape as html_escape # python 2 fallback
--- a/roundup/backends/sessions_dbm.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/backends/sessions_dbm.py	Sat Jul 06 13:12:58 2019 -0400
@@ -8,10 +8,7 @@
 
 import os, marshal, time
 
-try:
-    from html import escape
-except ImportError:
-    from cgi import escape
+from roundup.anypy.html import html_escape as escape
 
 from roundup import hyperdb
 from roundup.i18n import _
--- a/roundup/backends/sessions_rdbms.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/backends/sessions_rdbms.py	Sat Jul 06 13:12:58 2019 -0400
@@ -7,10 +7,7 @@
 __docformat__ = 'restructuredtext'
 import os, time, logging
 
-try:
-    from html import escape
-except ImportError:
-    from cgi import escape
+from roundup.anypy.html import html_escape as escape
 
 class BasicDatabase:
     ''' Provide a nice encapsulation of an RDBMS table.
--- a/roundup/cgi/PageTemplates/TALES.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/PageTemplates/TALES.py	Sat Jul 06 13:12:58 2019 -0400
@@ -283,8 +283,8 @@
         if not as_html:
             return '   - Names:\n      %s' % s.replace('\n', '\n      ')
         else:
-            from cgi import escape
-            return '<b>Names:</b><pre>%s</pre>' % (escape(s))
+            from roundup.anypy.html import html_escape
+            return '<b>Names:</b><pre>%s</pre>' % (html_escape(s))
 
 
 class SimpleExpr:
--- a/roundup/cgi/TAL/TALGenerator.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/TAL/TALGenerator.py	Sat Jul 06 13:12:58 2019 -0400
@@ -25,10 +25,7 @@
 from .TALDefs import parseSubstitution
 from .TranslationContext import TranslationContext, DEFAULT_DOMAIN
 
-try:
-    from html import escape as html_escape  # python 3
-except ImportError:
-    from cgi import escape as html_escape   # python 2 fallback
+from roundup.anypy.html import html_escape
 
 I18N_REPLACE = 1
 I18N_CONTENT = 2
--- a/roundup/cgi/TAL/TALInterpreter.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/TAL/TALInterpreter.py	Sat Jul 06 13:12:58 2019 -0400
@@ -21,11 +21,8 @@
 import getopt
 import re
 
-try:
-    from html import escape
-except ImportError:
-    from cgi import escape
 
+from roundup.anypy.html import html_escape as escape
 from roundup.anypy.strings import StringIO
 #from DocumentTemplate.DT_Util import ustr
 ustr = str
--- a/roundup/cgi/actions.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/actions.py	Sat Jul 06 13:12:58 2019 -0400
@@ -11,10 +11,7 @@
 from roundup.anypy.strings import StringIO
 import roundup.anypy.random_ as random_
 
-try:
-    from html import escape as html_escape  # python 3
-except ImportError:
-    from cgi import escape as html_escape   # python 2 fallback
+from roundup.anypy.html import html_escape
 
 import time
 from datetime import timedelta
--- a/roundup/cgi/cgitb.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/cgitb.py	Sat Jul 06 13:12:58 2019 -0400
@@ -10,10 +10,7 @@
 import sys, os, keyword, linecache, tokenize, inspect, cgi
 import pydoc, traceback
 
-try:
-    from html import escape as html_escape  # python 3
-except ImportError:
-    from cgi import escape as html_escape   # python 2 fallback
+from roundup.anypy.html import html_escape
 
 from roundup.cgi import templating, TranslationService
 from roundup.anypy.strings import s2b
--- a/roundup/cgi/client.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/client.py	Sat Jul 06 13:12:58 2019 -0400
@@ -23,10 +23,7 @@
     class SysCallError(Exception):
         pass
 
-try:
-    from html import escape as html_escape  # python 3
-except ImportError:
-    from cgi import escape as html_escape   # python 2 fallback
+from roundup.anypy.html import html_escape
 
 from roundup import roundupdb, date, hyperdb, password
 from roundup.cgi import templating, cgitb, TranslationService
--- a/roundup/cgi/exceptions.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/exceptions.py	Sat Jul 06 13:12:58 2019 -0400
@@ -5,10 +5,7 @@
 
 from roundup.exceptions import LoginError, Unauthorised
 
-try:
-    from html import escape as html_escape  # python 3
-except ImportError:
-    from cgi import escape as html_escape   # python 2 fallback
+from roundup.anypy.html import html_escape
 
 class HTTPException(BaseException):
     pass
--- a/roundup/cgi/templating.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/templating.py	Sat Jul 06 13:12:58 2019 -0400
@@ -25,10 +25,7 @@
 import textwrap
 import time, hashlib
 
-try:
-    from html import escape as html_escape  # python 3
-except ImportError:
-    from cgi import escape as html_escape   # python 2 fallback
+from roundup.anypy.html import html_escape
 
 from roundup.anypy import urllib_
 from roundup import hyperdb, date, support
--- a/roundup/cgi/wsgi_handler.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/cgi/wsgi_handler.py	Sat Jul 06 13:12:58 2019 -0400
@@ -8,10 +8,7 @@
 import cgi
 import weakref
 
-try:
-    from html import escape as html_escape  # python 3
-except ImportError:
-    from cgi import escape as html_escape   # python 2 fallback
+from roundup.anypy.html import html_escape
 
 import roundup.instance
 from roundup.cgi import TranslationService
--- a/roundup/scripts/roundup_server.py	Sat Jul 06 09:05:09 2019 -0400
+++ b/roundup/scripts/roundup_server.py	Sat Jul 06 13:12:58 2019 -0400
@@ -57,10 +57,7 @@
 except ImportError:
     SSL = None
 
-try:
-    from html import escape as html_escape  # python 3
-except ImportError:
-    from cgi import escape as html_escape   # python 2 fallback
+from roundup.anypy.html import html_escape
 
 # python version check
 from roundup import configuration, version_check
Roundup Issue Tracker: http://roundup-tracker.org/