A critique of cgi.escape
Jon Ribbens
jon+usenet at unequivocal.co.uk
Mon Sep 25 11:02:16 EDT 2006
In article <4517ec24$0$13947$edfadb0f at dread15.news.tele.dk>, Max M wrote:
>> I'm sorry, that's not good enough. How, precisely, would it break
>> "existing code"? Can you come up with an example, or even an
>> explanation of how it *could* break existing code?
>
> Some examples are:
>
> - Possibly any code that tests for string equality in a rendered
> html/xml page. Testing is a prefered development tool these days.
Testing is good, but only if done correctly.
> - Code that generates cgi.escaped() markup and (rightfully) for some
> reason expects the old behaviour to be used.
That's begging the question again ("an example of code that would
break is code that would break").
> - 3. party code that parses/scrapes content from cgi.escaped() markup.
> (you could even break Java code this way :-s )
I'm sorry, I don't understand that one. What is "party code"? Code
that is scraping content from web sites already has to cope with
entities etc.
Your comment about Java is a little ironic given that I persuaded the
Java Struts people to make the exact same change we're talking about
here, back in 2002 (even if it did take 11 months) ;-)
> If you cannot think of other examples for yourself where your change
> would introduce breakage, you are certainly not an experienced enough
> programmer to suggest changes in the standard lib!
I'll take my own opinion on that over yours, thanks.
More information about the Python-list
mailing list