Mercurial > libervia-web
view src/server/html_tools.py @ 634:16a5da120b7f frontends_multi_profiles
browser side (contact list): Contact list improvments:
- removed optional arguments from getContactBox: they are now managed by the hosting panel, as the arguments should be same for all contacts in a panel
- contact name is no more specified on ContactBox creation, is gotten by the ContactLabel itself using the cache (TODO: "nick" listener)
- renamed setMessageXXX to setAlert for consitency with QuickFrontend (furthermore the alert could be used for something else than waiting messages)
- ContactBoxes are stored using bare jid
- parent is used in ContactBox instead of host
author | Goffi <goffi@goffi.org> |
---|---|
date | Mon, 23 Feb 2015 18:44:57 +0100 |
parents | 1a0cec9b0f1e |
children | c8cca1a373dd |
line wrap: on
line source
#!/usr/bin/python # -*- coding: utf-8 -*- # Libervia: a Salut à Toi frontend # Copyright (C) 2011, 2012, 2013, 2014 Jérôme Poisson <goffi@goffi.org> # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. def sanitizeHtml(text): """Sanitize HTML by escaping everything""" #this code comes from official python wiki: http://wiki.python.org/moin/EscapingHtml html_escape_table = { "&": "&", '"': """, "'": "'", ">": ">", "<": "<", } return "".join(html_escape_table.get(c, c) for c in text)