[issue5752] xml.dom.minidom does not escape CR, LF and TAB characters within attribute values
W. Trevor King
report at bugs.python.org
Tue Aug 3 12:32:04 CEST 2010
W. Trevor King <wking at drexel.edu> added the comment:
And while we're at it, we should also
.replace('&', '&').replace('"', """).replace('<', '<')
which would have to go at the beginning to avoid double-escaping the '&'.
We could use xml.sax.saxutils.escape to do all the escaping rather than chaining replaces:
data = escape(data, {'"':'"', '\r':'
', '\n':'
', '\t':'	'})
which also escapes '>' (not strictly required for attribute values, but shouldn't be harmful either).
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue5752>
_______________________________________
More information about the Python-bugs-list
mailing list