1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
From: Stuart Prescott <stuart@debian.org>
Date: Sun, 16 Mar 2025 12:27:41 +1100
Subject: Patch out old cgi module
Upstream: https://github.com/plastex/plastex/commit/74b6b3bf31cbdd5e6edd2097cf01617f68e4cf04
Closes: #1084675
Use html.escape rather than cgi.escape.
---
plasTeX/Renderers/PageTemplate/simpletal/simpleTALUtils.py | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/plasTeX/Renderers/PageTemplate/simpletal/simpleTALUtils.py b/plasTeX/Renderers/PageTemplate/simpletal/simpleTALUtils.py
index 923a0ac..e4f4cc6 100644
--- a/plasTeX/Renderers/PageTemplate/simpletal/simpleTALUtils.py
+++ b/plasTeX/Renderers/PageTemplate/simpletal/simpleTALUtils.py
@@ -34,7 +34,7 @@
Module Dependencies: None
"""
-import io, os, stat, threading, codecs, cgi, re
+import io, os, stat, threading, codecs, html, re
from . import __version__, simpleTAL
# This is used to check for already escaped attributes.
@@ -114,7 +114,7 @@ def tagAsText (tag,atts):
# We already have some escaped characters in here, so assume it's all valid
result += ' %s="%s"' % (name, value)
else:
- result += ' %s="%s"' % (name, cgi.escape (value))
+ result += ' %s="%s"' % (name, html.escape (value))
result += ">"
return result
@@ -195,11 +195,11 @@ class MacroExpansionInterpreter (simpleTAL.TemplateInterpreter):
self.file.write (str (str (resultVal), 'ascii'))
else:
if (isinstance (resultVal, str)):
- self.file.write (cgi.escape (resultVal))
+ self.file.write (html.escape (resultVal))
elif (isinstance (resultVal, bytes)):
- self.file.write (cgi.escape (str (resultVal, 'ascii')))
+ self.file.write (html.escape (str (resultVal, 'ascii')))
else:
- self.file.write (cgi.escape (str (str (resultVal), 'ascii')))
+ self.file.write (html.escape (str (str (resultVal), 'ascii')))
if (self.outputTag and not args[1]):
self.file.write ('</' + args[0] + '>')
|
