Mercurial > libervia-web

view src/server/html_tools.py @ 823:027139763511

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server (blog): cleaning & improvments: - use a constant for themes url - moved RSM related constants to server only constants, and renamed theme STATIC_RSM* - raised the default number of items/comments to 10 - removed references to microblog namespace as it is managed by backend - many little improvments for better readability - dont use dynamic relative paths anymore - replaced use of old formatting syntax (%) by format() - profile name in url is now properly (un)quoted - removed max_items as it was used at the same time as RSM (TODO: check RSM support before using it) - renamed render_* methods using camelCase for consistency - put a limit for rsm_max, to avoid overloading - don't sort items after getting them anymore, as sorting is already done by backend/pubsub according to request - use urllib.urlencode when possible
author Goffi <goffi@goffi.org>
date Fri, 08 Jan 2016 14:42:39 +0100
parents f8a7a046ff9c
children fd4eae654182
line wrap: on
line source

#!/usr/bin/python
# -*- coding: utf-8 -*-

# Libervia: a Salut à Toi frontend
# Copyright (C) 2011-2016 Jérôme Poisson <goffi@goffi.org>

# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.

# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.

# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.


def sanitizeHtml(text):
    """Sanitize HTML by escaping everything"""
    #this code comes from official python wiki: http://wiki.python.org/moin/EscapingHtml
    html_escape_table = {
        "&": "&amp;",
        '"': "&quot;",
        "'": "&apos;",
        ">": "&gt;",
        "<": "&lt;",
        }

    return "".join(html_escape_table.get(c, c) for c in text)


def convertNewLinesToXHTML(text):
    return text.replace('\n', '<br/>')