def handle_entityref(self, c):
entityref = self.entityref(c)
if not self.code and not \
self.pre and \
entityref != ' _place_holder;':
entityref = html_escape(entityref)
self.handle_data(entityref, True)
def handle_entityref(self, c):
entityref = self.entityref(c)
# convert the entity, unless it's a < or >
# in order to avoid obvious XSS attacks
if c not in ['lt', 'gt']:
self.o(entityref)
else:
if not self.code and not self.pre and entityref != ' _place_holder;':
self.handle_data(html_escape(entityref), True)
else:
self.o(self.entityref(c))
def handle_charref(self, c):
charref = self.charref(c)
if not self.code and not self.pre:
charref = html_escape(charref)
self.handle_data(charref, True)
def handle_entityref(self, c):
entityref = self.entityref(c)
if (not self.code and not self.pre
and entityref != ' _place_holder;'):
entityref = html_escape(entityref)
self.handle_data(entityref, True)
def handle_charref(self, c):
charref = self.charref(c)
if not self.code and not self.pre:
charref = html_escape(charref)
self.handle_data(charref, True)
