1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
Description: cgi.escape method has been removed in python3.8. To make it work cgi.escape is replaced by html.escape
Author: Olivier Aubert <[email protected]>
Forwarded: Has been reported upstream, as written in the bug report
Bugs-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983342
Last-Update: 2021-03-02
--- a/lib/simpletal/simpleTALUtils.py
b/lib/simpletal/simpleTALUtils.py
@@ -34,7 34,7 @@
Module Dependencies: None
"""
-import io, os, stat, threading, sys, codecs, cgi, re, types, logging
import io, os, stat, threading, sys, codecs, html, re, types, logging
from . import __version__, simpleTAL
# This is used to check for already escaped attributes.
@@ -114,7 114,7 @@
# We already have some escaped characters in here, so assume it's all valid
result = ' %s="%s"' % (name, value)
else:
- result = ' %s="%s"' % (name, cgi.escape (value))
result = ' %s="%s"' % (name, html.escape (value))
result = ">"
return result
@@ -195,11 195,11 @@
self.file.write (str (str (resultVal), 'ascii'))
else:
if (isinstance (resultVal, str)):
- self.file.write (cgi.escape (resultVal))
self.file.write (html.escape (resultVal))
elif (isinstance (resultVal, bytes)):
- self.file.write (cgi.escape (str (resultVal, 'ascii')))
self.file.write (html.escape (str (resultVal, 'ascii')))
else:
- self.file.write (cgi.escape (str (str (resultVal), 'ascii')))
self.file.write (html.escape (str (str (resultVal), 'ascii')))
if (self.outputTag and not args[1]):
self.file.write ('</' args[0] '>')
|
