A critique of cgi.escape
Lawrence D'Oliveiro
ldo at geek-central.gen.new_zealand
Sat Sep 23 18:41:02 EDT 2006
In message <mailman.499.1159035571.10491.python-list at python.org>, Fredrik
Lundh wrote:
> Lawrence D'Oliveiro wrote:
>
>> So I think the default for the second argument to cgi.escape should be
>> changed to True. Or alternatively, the second argument should be removed
>> altogether, and quotes should always be escaped.
>
> you're confused: cgi.escape(s) is designed to be used for ordinary text,
> cgi.escape(s, True) is designed for attributes.
What works for attributes also works for ordinary text.
More information about the Python-list
mailing list