A critique of cgi.escape
John Bokma
john at castleamber.com
Tue Sep 26 20:51:31 EDT 2006
Lawrence D'Oliveiro <ldo at geek-central.gen.new_zealand> wrote:
> In message <Xns984ABA8B57753castleamber at 130.133.1.4>, John Bokma
> wrote:
[..]
>> ... href="/search.cgi?query=3&results=10"
>
> You _do_ realize that the "&" should be escaped as "&", don't you?
And what's "/search.cgi?query=3&results=10"? An attribute value. Exactly
my point.
--
John MexIT: http://johnbokma.com/mexit/
personal page: http://johnbokma.com/
Experienced programmer available: http://castleamber.com/
Happy Customers: http://castleamber.com/testimonials.html
More information about the Python-list
mailing list