A critique of cgi.escape
Brian Quinlan
brian at sweetapp.com
Tue Sep 26 13:37:57 EDT 2006
Jon Ribbens wrote:
> In article <mailman.708.1159287078.10491.python-list at python.org>, Brian Quinlan wrote:
>> Well, there are dozens (hundreds?) of templating systems for Python.
>
> I know, I wrote one of them ;-)
>
>> t = Template("test.html")
>> t['foo'] = 'Brian -> "Hi!"'
>> assert str(t) == '<p>Brian -> "Hi"</p>'
>>
>> So how would you test our template system?
>
> What I don't get is why you are testing the above code like that at
> all. Surely if the template system somehow became so broken that it
> couldn't even do trivial replacements, you would notice immediately
> as all your web pages would go totally wrong.
If, in the example that I showed, the less-than character was not
correctly escaped, then it might not manifest itself frequently in a
typical application because the less-than character is seldom used in
English prose.
Also, assuming that single case was trivial to test without a test
harness, how many web pages do I have to look at to be reasonably
confident that *every* feature works correctly?
Cheers,
Brian
More information about the Python-list
mailing list