Replace cgi.escape with html.escape

master
Ferry Boender 4 years ago
parent afbf7ac37b
commit f762472090
  1. 5
      src/webapp.py

@ -4,6 +4,7 @@ handling them.
""" """
import cgi import cgi
import html
import logging import logging
import tempfile import tempfile
import os import os
@ -458,11 +459,11 @@ class ScriptFormWebApp(RequestHandler):
# Ignore everything if we're doing raw output, since it's the # Ignore everything if we're doing raw output, since it's the
# scripts responsibility. # scripts responsibility.
if result['exitcode'] != 0: if result['exitcode'] != 0:
stderr = cgi.escape(result['stderr'].decode('utf8')) stderr = html.escape(result['stderr'].decode('utf8'))
msg = u'<span class="error">{0}</span>'.format(stderr) msg = u'<span class="error">{0}</span>'.format(stderr)
else: else:
if form_def.output == 'escaped': if form_def.output == 'escaped':
stdout = cgi.escape(result['stdout'].decode('utf8')) stdout = html.escape(result['stdout'].decode('utf8'))
msg = u'<pre>{0}</pre>'.format(stdout) msg = u'<pre>{0}</pre>'.format(stdout)
else: else:
# Non-escaped output (html, usually) # Non-escaped output (html, usually)

Loading…
Cancel
Save