comparison browser_side/richtext.py @ 368:97c5a9092bee

browser_side: escape the microblog titles when they are displayed
author souliane <souliane@mailoo.org>
date Sun, 23 Feb 2014 15:00:42 +0100
parents 4cf735b40304
children 564208366dd6
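--- a/browser_side/richtext.py	367:764c32ecb754
+++ b/browser_side/richtext.py	368:97c5a9092bee
@@ -31,10 +31,11 @@
 
 from constants import Const
 from dialog import ConfirmDialog, InfoDialog
 from base_panels import TitlePanel, BaseTextEditor, LightTextEditor
 from list_manager import ListManager
+from tools import html_sanitize
 import panels
 
 from sat_frontends.tools import composition
 from sat.core.i18n import _
 
@@ -311,11 +312,11 @@
 else:
 if not self.initialized:
 # set the display text in XHTML only during init because a new MicroblogEntry instance is created after each modification
 text = content['text']
 if 'title' in content and content['title']:
-text = '<h1>%s</h1>%s' % (content['title'], content['text'])
+text = '<h1>%s</h1>%s' % (html_sanitize(content['title']), content['text'])
 self.display.setContent({'text': text})
 self.display.edit(False)
 
 def setFocus(self, focus):
 self.textarea.setFocus(focus)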
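Review bot: `content['text']` is still interpolated into the markup unescaped on new line 317, where only the title goes through `html_sanitize` before the result is handed to `self.display.setContent`. The comment two lines above says the display text is XHTML, so the body presumably has to remain markup, but nothing in the visible lines shows that it was filtered against an allow-list of tags and attributes before reaching this branch. I would record that assumption next to the format string, e.g. `# content['text'] is XHTML and must already be sanitized by the caller; only the plain-text title is escaped here`, and confirm it against the code that fills `content`. It is also worth checking that `html_sanitize` (imported from `tools`, not shown here) escapes `&` as well as `<` and `>`. The enclosing method starts before the hunk, so the `if` branch that pairs with this `else` is not visible.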