[Distutils] PEP 438 - Transition Phase 1

Marius Gedminas marius at pov.lt
Mon May 20 08:44:02 CEST 2013 

On Mon, May 20, 2013 at 02:21:05AM -0400, Donald Stufft wrote:
> 
> On May 20, 2013, at 2:18 AM, Lennart Regebro <regebro at gmail.com> wrote:
> 
> > On Sun, May 19, 2013 at 10:20 PM, Donald Stufft <donald at stufft.io> wrote:
> >> Hrm, ZPT doesn't seem to be stripping the CDATA or unescaping the strings?
> >> 
> >> https://gist.github.com/dstufft/5608838 is what i have in the template file and that appears verbatim in the output?
> > 
> > Yes? It will escape *data* inserted into the template (unless told not
> > to), but what is in the template will appear in the output unescaped.
> > I'm not sure how any template system can work otherwise, but perhaps
> > I've been using Zope too long. :-)
> > 
> > //Lennart
> 
> Maybe you can tell me what I'm doing wrong?

Using zope.pagetemplate. ;)

More seriously, zope.pagetemplate has two parsing modes: HTML and XML.
Nobody actually uses the XML mode (pt files start with an <?xml?>
declaration, all tal/metal namespaces must be explicitly defined using
xmlns:tal=url-that-nobody-can-remember).  The HTML mode allows you to
write Javascript just like you would do it in a browser, with no extra
XML-quoting:

  <script type="text/javascript>
    if (1 < 2) alert("it works!");
  </script>

Does this not work for you?  I'm currently looking at a Zope3 app that
does precisely this in its working page templates.

> I need to insert a <script> tag with Javascript in it. Tres told me to
> put the contents of the script tag in CDATA blocks which I did, and
> then when the template was rendered it still had the CDATA blocks so
> it was invalid javascript.

I seem to recall hacks of the form

  <script ...>
   // <![CDATA[
   ...
   // ]]>
  </script>

but I haven't seen one in a really long time.

> He also said to just put the javascript in the body of the script but
> xml escape it. Which I did, and when the template was rendered the
> data was still xml escaped and again invalid javascript.

I think scripts in XHTML were supposed to be XML-escaped.  AFAIU
zope.pagetemplate was designed back when XHTML was supposed to be The
Bright Future of the Web.

Marius Gedminas
-- 
Always proofread carefully to see if you any words out.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: Digital signature
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20130520/bcd83e94/attachment.pgp>

More information about the Distutils-SIG mailing list