A critique of cgi.escape
Lawrence D'Oliveiro
ldo at geek-central.gen.new_zealand
Tue Sep 26 03:32:51 EDT 2006
In message <efakbd$867$1 at news.albasani.net>, Georg Brandl wrote:
> Lawrence D'Oliveiro wrote:
>> In message <mailman.559.1159188171.10491.python-list at python.org>, Fredrik
>> Lundh wrote:
>>
>>> Lawrence D'Oliveiro wrote:
>>>
>>>>> Georg Brandl wrote:
>>>>>
>>>>>> A function is broken if its implementation doesn't match the
>>>>>> documentation.
>>>>>
>>>>> or if it doesn't match the designer's intent. cgi.escape is old
>>>>> enough that we would have noticed that, by now...
>>>>
>>>> _We_ certainly have noticed it.
>>>
>>> you're not the designer...
>>
>> I don't have to be. Whoever the designer was, they had not properly
>> thought through the uses of this function. That's quite obvious already,
>> to anybody who works with HTML a lot. So the function is broken and needs
>> to be fixed.
>>
>> If you're worried about changing the semantics of a function that keeps
>> the same "cgi.escape" name, then fine. We delete the existing function
>> and add a new, properly-designed one. _That_ will be a wake-up call to
>> all the users of the existing function to fix their code.
>
> What about the users who don't need to "fix" their code since it's working
> fine and flawlessly with the current cgi.escape?
They're just lucky. I guess, that the bugs haven't bitten them--yet.
More information about the Python-list
mailing list