Mercurial > libervia-web
comparison src/server/blog.py @ 893:298fbe562060
blog: escape "&" when encoding URL, so they can be used without escaping in the HTML template
fix bug 129
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sun, 20 Mar 2016 20:06:28 +0100 |
| parents | bf2af257e18b |
| children | e4e278255c9a |
comparison
equal
deleted
inserted
replaced
| 892:bf2af257e18b | 893:298fbe562060 |
|---|---|
| 82 """ | 82 """ |
| 83 assert not isinstance(quoted_value, unicode) | 83 assert not isinstance(quoted_value, unicode) |
| 84 return urllib.unquote(quoted_value).decode('utf-8') | 84 return urllib.unquote(quoted_value).decode('utf-8') |
| 85 | 85 |
| 86 | 86 |
| 87 def _urlencode(query): | |
| 88 """Same as urllib.urlencode, but use '&' instead of '&'""" | |
| 89 return u'&'.join([u"{}={}".format(urllib.quote_plus(unicode(k)), urllib.quote_plus(unicode(v))) | |
| 90 for k,v in query.iteritems()]) | |
| 91 | |
| 92 | |
| 87 class TemplateProcessor(object): | 93 class TemplateProcessor(object): |
| 88 | 94 |
| 89 THEME = 'default' | 95 THEME = 'default' |
| 90 | 96 |
| 91 def __init__(self, host): | 97 def __init__(self, host): |
| 587 def getOption(key): | 593 def getOption(key): |
| 588 return sanitizeHtml(options[key]) if key in options else '' | 594 return sanitizeHtml(options[key]) if key in options else '' |
| 589 | 595 |
| 590 avatar = os.path.normpath('/{}'.format(getOption('avatar'))) | 596 avatar = os.path.normpath('/{}'.format(getOption('avatar'))) |
| 591 title = getOption(C.STATIC_BLOG_PARAM_TITLE) or user | 597 title = getOption(C.STATIC_BLOG_PARAM_TITLE) or user |
| 592 query_data = urllib.urlencode(getDefaultQueryData(request)).decode('utf-8') | 598 query_data = _urlencode(getDefaultQueryData(request)).decode('utf-8') |
| 593 | 599 |
| 594 xmpp_uri = metadata['uri'] | 600 xmpp_uri = metadata['uri'] |
| 595 if len(items) == 1: | 601 if len(items) == 1: |
| 596 # FIXME: that's really not a good way to get item id | 602 # FIXME: that's really not a good way to get item id |
| 597 # this must be changed after static blog refactorisation | 603 # this must be changed after static blog refactorisation |
| 692 pass | 698 pass |
| 693 | 699 |
| 694 if request.display_single: | 700 if request.display_single: |
| 695 query_data['max'] = 1 | 701 query_data['max'] = 1 |
| 696 | 702 |
| 697 link = "{}?{}".format(base_url, urllib.urlencode(query_data)) | 703 link = "{}?{}".format(base_url, _urlencode(query_data)) |
| 698 setattr(self, key, BlogLink(link, key, key.replace('_', ' '))) | 704 setattr(self, key, BlogLink(link, key, key.replace('_', ' '))) |
| 699 | 705 |
| 700 | 706 |
| 701 class BlogImage(object): | 707 class BlogImage(object): |
| 702 | 708 |
| 741 else: | 747 else: |
| 742 self.author = ' ' | 748 self.author = ' ' |
| 743 self.url = "{}/{}".format(base_url, _quote(entry['id'])) | 749 self.url = "{}/{}".format(base_url, _quote(entry['id'])) |
| 744 query_data = getDefaultQueryData(request) | 750 query_data = getDefaultQueryData(request) |
| 745 if query_data: | 751 if query_data: |
| 746 self.url += '?{}'.format(urllib.urlencode(query_data)) | 752 self.url += '?{}'.format(_urlencode(query_data)) |
| 747 self.title = self.getText(entry, 'title') | 753 self.title = self.getText(entry, 'title') |
| 748 self.tags = [sanitizeHtml(tag) for tag in common.dict2iter('tag', entry)] | 754 self.tags = [sanitizeHtml(tag) for tag in common.dict2iter('tag', entry)] |
| 749 | 755 |
| 750 count_text = lambda count: D_(u'comments') if count > 1 else D_(u'comment') | 756 count_text = lambda count: D_(u'comments') if count > 1 else D_(u'comment') |
| 751 | 757 |
| 752 self.comments_text = u"{} {}".format(comments_count, count_text(comments_count)) | 758 self.comments_text = u"{} {}".format(comments_count, count_text(comments_count)) |
| 753 | 759 |
| 754 delta = comments_count - len(comments) | 760 delta = comments_count - len(comments) |
| 755 if request.display_single and delta > 0: | 761 if request.display_single and delta > 0: |
| 756 prev_url = "{}?{}".format(self.url, urllib.urlencode({'comments_max': comments_count})) | 762 prev_url = "{}?{}".format(self.url, _urlencode({'comments_max': comments_count})) |
| 757 prev_text = D_(u"show {count} previous {comments}").format( | 763 prev_text = D_(u"show {count} previous {comments}").format( |
| 758 count = delta, comments = count_text(delta)) | 764 count = delta, comments = count_text(delta)) |
| 759 self.all_comments_link = BlogLink(prev_url, "comments_link", prev_text) | 765 self.all_comments_link = BlogLink(prev_url, "comments_link", prev_text) |
| 760 | 766 |
| 761 if comments: | 767 if comments: |