Mercurial > libervia-web
changeset 893:298fbe562060
blog: escape "&" when encoding URL, so they can be used without escaping in the HTML template
fix bug 129
author | Goffi <goffi@goffi.org> |
---|---|
date | Sun, 20 Mar 2016 20:06:28 +0100 |
parents | bf2af257e18b |
children | e4e278255c9a |
files | src/server/blog.py |
diffstat | 1 files changed, 10 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/server/blog.py Sun Mar 20 18:51:55 2016 +0100 +++ b/src/server/blog.py Sun Mar 20 20:06:28 2016 +0100 @@ -84,6 +84,12 @@ return urllib.unquote(quoted_value).decode('utf-8') +def _urlencode(query): + """Same as urllib.urlencode, but use '&' instead of '&'""" + return u'&'.join([u"{}={}".format(urllib.quote_plus(unicode(k)), urllib.quote_plus(unicode(v))) + for k,v in query.iteritems()]) + + class TemplateProcessor(object): THEME = 'default' @@ -589,7 +595,7 @@ avatar = os.path.normpath('/{}'.format(getOption('avatar'))) title = getOption(C.STATIC_BLOG_PARAM_TITLE) or user - query_data = urllib.urlencode(getDefaultQueryData(request)).decode('utf-8') + query_data = _urlencode(getDefaultQueryData(request)).decode('utf-8') xmpp_uri = metadata['uri'] if len(items) == 1: @@ -694,7 +700,7 @@ if request.display_single: query_data['max'] = 1 - link = "{}?{}".format(base_url, urllib.urlencode(query_data)) + link = "{}?{}".format(base_url, _urlencode(query_data)) setattr(self, key, BlogLink(link, key, key.replace('_', ' '))) @@ -743,7 +749,7 @@ self.url = "{}/{}".format(base_url, _quote(entry['id'])) query_data = getDefaultQueryData(request) if query_data: - self.url += '?{}'.format(urllib.urlencode(query_data)) + self.url += '?{}'.format(_urlencode(query_data)) self.title = self.getText(entry, 'title') self.tags = [sanitizeHtml(tag) for tag in common.dict2iter('tag', entry)] @@ -753,7 +759,7 @@ delta = comments_count - len(comments) if request.display_single and delta > 0: - prev_url = "{}?{}".format(self.url, urllib.urlencode({'comments_max': comments_count})) + prev_url = "{}?{}".format(self.url, _urlencode({'comments_max': comments_count})) prev_text = D_(u"show {count} previous {comments}").format( count = delta, comments = count_text(delta)) self.all_comments_link = BlogLink(prev_url, "comments_link", prev_text)