Escape problem

Robert Brewer fumanchu at
Tue Mar 2 19:42:04 CET 2004

Thomas Guettler wrote (sorry, Thomas, for the duplicate--forgot to Reply
> Am Tue, 02 Mar 2004 06:57:19 -0800 schrieb ketulp_barod:
> > Hi
> > I am developing a web application.
> > I have a string 'foo"bar"' say in variable s.
> > When I print s on the python shell it prints correctly 'foo"bar"'
> > whereas when I try to display s on the form it just prints 
> 'foo'. What
> > should I do to print complete string 'foo"bar"' on the form
> If you want to use the value in an attribute,
> you need to quote it:
>  cgi.escape(s, 1)

Also, take a look at xml.sax.saxutils.quoteattr:

>>> import cgi

>>> cgi.escape('foo"bar"', 1)

>>> from xml.sax.saxutils import quoteattr
>>> quoteattr('foo"bar"')

Notice that quoteattr includes the enveloping quotes for you. If you
were to interpolate the result of quoteattr into an HTML string, you
would write:

>>> '<div class=%s></div>' % quoteattr('foo"bar"')
'<div class=\'foo"bar"\'></div>'

Robert Brewer
Amor Ministries
fumanchu at

More information about the Python-list mailing list