Message 260601 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	martin.panter
Recipients	Dhiraj_Mishra, docs@python, martin.panter
Date	2016-02-21.10:09:29
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1456049370.23.0.726389892083.issue26398@psf.upfronthosting.co.za>
In-reply-to

Content
The Python 3 documentation <https://docs.python.org/3/library/cgi.html#cgi.escape> says this is deprecated in favour of html.escape(), which by default has quote=True. AFAIK there is no equivalent in Python 2. See Issue 2830 for the addition of html.escape(), and also Issue 9061 about cgi.escape() introducing vulnerabilities.

The Python 3 documentation <https://docs.python.org/3/library/cgi.html#cgi.escape> says this is deprecated in favour of html.escape(), which by default has quote=True. AFAIK there is no equivalent in Python 2. See Issue 2830 for the addition of html.escape(), and also Issue 9061 about cgi.escape() introducing vulnerabilities.

History
Date	User	Action	Args
2016-02-21 10:09:30	martin.panter	set	recipients: + martin.panter, docs@python, Dhiraj_Mishra
2016-02-21 10:09:30	martin.panter	set	messageid: <1456049370.23.0.726389892083.issue26398@psf.upfronthosting.co.za>
2016-02-21 10:09:30	martin.panter	link	issue26398 messages
2016-02-21 10:09:29	martin.panter	create