Loading ...
Sorry, an error occurred while loading the content.

SafeHtmlString not writing end tags?

Expand Messages
  • cryomax
    I grabbed SafeHtml.py out of the Clearsilver Python stuff and tried out a very simple test: SafeHtml.SafeHtmlString ( foobar
    Message 1 of 3 , Nov 2, 2005
    View Source
    • 0 Attachment
      I grabbed SafeHtml.py out of the Clearsilver Python stuff and tried
      out a very simple test:

      SafeHtml.SafeHtmlString ("<b>foobar<script type='text/javascript'></b>")

      I expected to get "<b>foobar</b>"

      I got "<B>foobar".

      This, obviously, is problematic for its purpose, since the closing
      bold tag has been dropped...

      Is anyone actively using this code? If so, is there a newer version?
      I don't want to dip into trying to fix this if it's already been done.

      ...Paul
    • Brandon Long
      hmm, bad interaction between stripping the and doing the matching tag that s stripped. The fix was pretty easy, available at
      Message 2 of 3 , Nov 3, 2005
      View Source
      • 0 Attachment
        hmm, bad interaction between stripping the <script> and doing the
        matching tag that's stripped.

        The fix was pretty easy, available at
        http://www.fiction.net/blong/programs/python/SafeHtml.py

        Brandon

        On 11/02/05 cryomax uttered the following other thing:
        > I grabbed SafeHtml.py out of the Clearsilver Python stuff and tried
        > out a very simple test:
        >
        > SafeHtml.SafeHtmlString ("<b>foobar<script type='text/javascript'></b>")
        >
        > I expected to get "<b>foobar</b>"
        >
        > I got "<B>foobar".
        >
        > This, obviously, is problematic for its purpose, since the closing
        > bold tag has been dropped...
        >
        > Is anyone actively using this code? If so, is there a newer version?
        > I don't want to dip into trying to fix this if it's already been done.
        >
        > ...Paul
        >
        >
        >
        >
        >
        >
        >
        >
        >
        > Yahoo! Groups Links
        >
        >
        >
        >
        >
        >

        --
        "Also, of course, I'm not allowed to play favorites among my students,
        so y'know, if I plonked one, I'd have to do every man and woman in
        the class, and that could get tiring." -- Todd Markle
        http://www.fiction.net/blong/
      • ...Paul
        ... Poifect, thanks! :) ...Paul ** Read my Blog: http://www.bloglines.com/blog/CryoMax ** ** Visit Project Galactic Guide http://www.galactic-guide.com/ **
        Message 3 of 3 , Nov 3, 2005
        View Source
        • 0 Attachment
          On Thu, 3 Nov 2005, Brandon Long wrote:
          > hmm, bad interaction between stripping the <script> and doing the
          > matching tag that's stripped.
          >
          > The fix was pretty easy, available at
          > http://www.fiction.net/blong/programs/python/SafeHtml.py

          Poifect, thanks! :)

          ...Paul

          ** Read my Blog: http://www.bloglines.com/blog/CryoMax **
          ** Visit Project Galactic Guide http://www.galactic-guide.com/ **
          "One can never consent to creep when one feels an impulse to soar"
          -- Helen Keller
        Your message has been successfully submitted and would be delivered to recipients shortly.