A critique of cgi.escape
Fredrik Lundh
fredrik at pythonware.com
Tue Sep 26 09:08:47 EDT 2006
Lawrence D'Oliveiro wrote:
>> (cgi.escape(s, True) is slower than cgi.escape(s), for reasons that are
>> obvious for anyone who's looked at the code).
>
> What you're doing is adding to the reasons why the existing cgi.escape
> function is stupidly designed and implemented. The True case is by far the
> most common
really? most HTML attributes cannot even contain things that would need to
be escaped, while *all* element content needs escaping. and the web contains
a lot of element content, as should be obvious to anyone who's been there...
</F>
More information about the Python-list
mailing list