A critique of cgi.escape

Jon Ribbens jon+usenet at unequivocal.co.uk
Mon Sep 25 10:37:01 EDT 2006


In article <ef8oqr$9pt$1 at news.albasani.net>, Georg Brandl wrote:
>> I'm sorry, that's not good enough. How, precisely, would it break
>> "existing code"? Can you come up with an example, or even an
>> explanation of how it *could* break existing code?
> 
> Is that so hard to see? If cgi.escape replaced "'" with an entity reference,
> code that expects it not to do so would break.

Sorry, that's still not good enough. Why would any code expect such a
thing?



More information about the Python-list mailing list