Mercurial > libervia-web

diff libervia_server/html_tools.py @ 331:06a48d805547

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server side: make Libervia a Twisted plugin, and add it the --port argument + add a config file for the port. ==> NOTE from Goffi: it's a fixed version of Link Mauve's patch c144b603fb93 Fixes bug 16.
author Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
date Tue, 04 Feb 2014 17:09:00 +0100
parents server_side/html_tools.py@9763dec220ed
children 2067d6241927
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/libervia_server/html_tools.py	Tue Feb 04 17:09:00 2014 +0100
@@ -0,0 +1,34 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+"""
+Libervia: a Salut à Toi frontend
+Copyright (C) 2011, 2012, 2013 Jérôme Poisson <goffi@goffi.org>
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+"""
+
+def sanitizeHtml(text):
+    """Sanitize HTML by escaping everything"""
+    #this code comes from official python wiki: http://wiki.python.org/moin/EscapingHtml
+    html_escape_table = {
+        "&": "&amp;",
+        '"': "&quot;",
+        "'": "&apos;",
+        ">": "&gt;",
+        "<": "&lt;",
+        }
+
+    return "".join(html_escape_table.get(c,c) for c in text)
+