Homec4science

htmlutils: improve js string escaping

Authored by Jerome Caffaro <jerome.caffaro@cern.ch> on Feb 5 2013, 12:54.

Description

htmlutils: improve js string escaping

  • Moves/renames jsonutils.wash_for_js() function to htmlutils.escape_javascript_string() as this function would mostly be used to escape javascript in HTML context. Updates bfe_bookmark accordingly.
  • No longer adds double-quotes around the returned string in order to be more flexible regarding the context in which the string is inserted.
  • More complete escaping of Javascript chars when 'json' is not installed.
  • Adds parameters to control the level of escaping, to be adjusted according to the context (HTML vs JS output, XHTML vs HTML, content-type, use of CDATA delimiters).
  • Adds docstrings and unit tests.
  • Merge note: fixed indentation in htmlutils.py.

Tested-by: Tibor Simko <tibor.simko@cern.ch>

Details

Committed
Tibor Simko <tibor.simko@cern.ch>Feb 8 2013, 11:41
Parents
R3600:dd8a71e6865f: htmlutils: fix single quote escaping
Branches
Unknown
Tags
Unknown

Event Timeline

Tibor Simko <tibor.simko@cern.ch> committed R3600:d05f801abe6c: htmlutils: improve js string escaping (authored by Jerome Caffaro <jerome.caffaro@cern.ch>).Feb 8 2013, 11:41