Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(65587)

Side by Side Diff: Doc/library/cgi.rst

Issue 2830: Copy cgi.escape() to html
Patch Set: Created 8 years, 9 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Doc/howto/webservers.rst ('k') | Doc/library/html.rst » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 :mod:`cgi` --- Common Gateway Interface support 1 :mod:`cgi` --- Common Gateway Interface support
2 =============================================== 2 ===============================================
3 3
4 .. module:: cgi 4 .. module:: cgi
5 :synopsis: Helpers for running Python scripts via the Common Gateway Interfac e. 5 :synopsis: Helpers for running Python scripts via the Common Gateway Interfac e.
6 6
7 7
8 .. index:: 8 .. index::
9 pair: WWW; server 9 pair: WWW; server
10 pair: CGI; protocol 10 pair: CGI; protocol
(...skipping 303 matching lines...) Expand 10 before | Expand all | Expand 10 after
314 Format the current directory in HTML. 314 Format the current directory in HTML.
315 315
316 316
317 .. function:: print_environ_usage() 317 .. function:: print_environ_usage()
318 318
319 Print a list of useful (used by CGI) environment variables in HTML. 319 Print a list of useful (used by CGI) environment variables in HTML.
320 320
321 321
322 .. function:: escape(s, quote=False) 322 .. function:: escape(s, quote=False)
323 323
324 Convert the characters ``'&'``, ``'<'`` and ``'>'`` in string *s* to HTML-saf e 324 This function is deprecated in this module. Use :func:`html.escape`
325 sequences. Use this if you need to display text that might contain such 325 instead. It is maintained here only for backward compatibility.
326 characters in HTML. If the optional flag *quote* is true, the quotation mark
327 character (``"``) is also translated; this helps for inclusion in an HTML
328 attribute value delimited by double quotes, as in ``<a href="...">``. Note
329 that single quotes are never translated.
330
331 If the value to be quoted might include single- or double-quote characters,
332 or both, consider using the :func:`~xml.sax.saxutils.quoteattr` function in t he
333 :mod:`xml.sax.saxutils` module instead.
334 326
335 327
336 .. _cgi-security: 328 .. _cgi-security:
337 329
338 Caring about security 330 Caring about security
339 --------------------- 331 ---------------------
340 332
341 .. index:: pair: CGI; security 333 .. index:: pair: CGI; security
342 334
343 There's one important rule: if you invoke an external program (via the 335 There's one important rule: if you invoke an external program (via the
(...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after
506 * Don't try to give a CGI script a set-uid mode. This doesn't work on most 498 * Don't try to give a CGI script a set-uid mode. This doesn't work on most
507 systems, and is a security liability as well. 499 systems, and is a security liability as well.
508 500
509 .. rubric:: Footnotes 501 .. rubric:: Footnotes
510 502
511 .. [#] Note that some recent versions of the HTML specification do state what or der the 503 .. [#] Note that some recent versions of the HTML specification do state what or der the
512 field values should be supplied in, but knowing whether a request was 504 field values should be supplied in, but knowing whether a request was
513 received from a conforming browser, or even from a browser at all, is tedious 505 received from a conforming browser, or even from a browser at all, is tedious
514 and error-prone. 506 and error-prone.
515 507
OLDNEW
« no previous file with comments | « Doc/howto/webservers.rst ('k') | Doc/library/html.rst » ('j') | no next file with comments »

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+