Genshi

Genshi is an XML-based "toolkit for generation of output for the web."

Escaping

Genshi's escaping routine always replaces all occurrences of &, <, and > in the input. If the quotes parameter is not overridden, all " characters are also encoded.

Note that the ' character is never encoded. However, this should not be an issue because none of Genshi's serializers use single-quoted attributes.

Here is Genshi's escaping routine:

    def escape(cls, text, quotes=True):
        """Create a Markup instance from a string and escape special characters
        it may contain (<, >, & and \").

        If the `quotes` parameter is set to `False`, the \" character is left
        as is. Escaping quotes is generally only required for strings that are
        to be used in attribute values.
        """
        if not text:
            return cls()
        if type(text) is cls:
            return text
        text = unicode(text).replace('&', '&amp;') \
                            .replace('<', '&lt;') \
                            .replace('>', '&gt;')
        if quotes:
            text = text.replace('"', '&#34;')
        return cls(text)
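The following is an added example, not Genshi's own code: a Python 3 port of the routine above that checks which attribute-quoting contexts the escaped output is safe in. The Markup stand-in class, the delimiter_survives helper, demo and the sample string are assumptions made for illustration.

```python
# Added example: Python 3 port of the routine quoted above, not Genshi's own code.
class Markup(str):
    """Marks a string as already escaped (stand-in for Genshi's Markup class)."""

    @classmethod
    def escape(cls, text, quotes=True):
        if not text:
            return cls()
        if type(text) is cls:
            return text  # already escaped: returned unchanged, never double-encoded
        # '&' must be replaced first, or the '&' of '&lt;' would be re-encoded.
        text = str(text).replace('&', '&amp;') \
                        .replace('<', '&lt;') \
                        .replace('>', '&gt;')
        if quotes:
            text = text.replace('"', '&#34;')
        return cls(text)


def delimiter_survives(escaped, delimiter):
    """True if the attribute delimiter is still present raw in the escaped
    value, i.e. the value is not safe inside an attribute quoted with it."""
    return delimiter in escaped


# Constructed sample input containing every character the page discusses.
SAMPLE = """a & b <i> "dq" 'sq'"""


def demo():
    default = Markup.escape(SAMPLE)
    no_quotes = Markup.escape(SAMPLE, quotes=False)
    return {
        "default": str(default),
        "no_quotes": str(no_quotes),
        "dq_attr_safe": not delimiter_survives(default, '"'),
        "sq_attr_safe": not delimiter_survives(default, "'"),
        "dq_attr_safe_without_quotes": not delimiter_survives(no_quotes, '"'),
        "idempotent": Markup.escape(default) == default,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The sq_attr_safe result is False: escaped values are only safe in attributes when the template output uses double-quoted attributes and quotes is left at its default.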

  • Version: latest
  • Edited by Craig Younkins on 6/22/10 11:47 AM

An OWASP project created by Craig Younkins
