def escape(s, quote=False):
"""Replace special characters "&", "<" and ">" to HTML-safe sequences. If
the optional flag `quote` is `True`, the quotation mark character is
also translated.
There is a special handling for `None` which escapes to an empty string.
:param s: the string to escape.
:param quote: set to true to also escape double quotes.
"""
if s is None:
return ''
if hasattr(s, '__html__'):
return s.__html__()
if not isinstance(s, (text_type, binary_type)):
s = text_type(s)
if isinstance(s, binary_type):
try:
s.decode('ascii')
except:
s = s.decode('utf-8', 'replace')
s = s.replace('&', '&').replace('<', '<').replace('>', '>')
if quote:
s = s.replace('"', """)
return s
def escape(s, quote=False):
"""Replace special characters "&", "<" and ">" to HTML-safe sequences. If
the optional flag `quote` is `True`, the quotation mark character is
also translated.
There is a special handling for `None` which escapes to an empty string.
:param s: the string to escape.
:param quote: set to true to also escape double quotes.
"""
if s is None:
return ''
if hasattr(s, '__html__'):
return s.__html__()
if not isinstance(s, (text_type, binary_type)):
s = text_type(s)
if isinstance(s, binary_type):
try:
s.decode('ascii')
except Exception:
s = s.decode('utf-8', 'replace')
s = s.replace('&', '&').replace('<', '<').replace('>', '>')
if quote:
s = s.replace('"', """)
return s
def templated_escaped(input, expect_saferepr=None):
"""
`expect_saferepr`: the panel applies additional escaping to POST items
Took a while to backtrack the mako/pyramid_mako escaping...
saferepr(text_type(markupsafe.escape(PARTY_HAT_UNICODE)))
> "u'\\U0001f389'"
text_type(saferepr(PARTY_HAT_UNICODE))
> u"u'\\U0001f389'"
markupsafe.escape(saferepr(PARTY_HAT_UNICODE))
> Markup(u'u'\\U0001f389'')
text_type(markupsafe.escape(saferepr(PARTY_HAT_UNICODE)))
u'u'\\U0001f389''
"""
if PY3:
input = text_type(input)
if expect_saferepr:
input = saferepr(input)
return text_type(markupsafe.escape(input))
