Escape problem

Robert Brewer fumanchu at amor.org
Tue Mar 2 19:42:04 CET 2004


Thomas Guettler wrote (sorry, Thomas, for the duplicate--forgot to Reply
All):
> Am Tue, 02 Mar 2004 06:57:19 -0800 schrieb ketulp_barod:
> 
> > Hi
> > I am developing a web application.
> > I have a string 'foo"bar"' say in variable s.
> > When I print s on the python shell it prints correctly 'foo"bar"'
> > whereas when I try to display s on the form it just prints 
> 'foo'. What
> > should I do to print complete string 'foo"bar"' on the form
> 
> If you want to use the value in an attribute,
> you need to quote it:
>  
>  cgi.escape(s, 1)

Also, take a look at xml.sax.saxutils.quoteattr:

>>> import cgi

>>> cgi.escape('foo"bar"', 1)
'foo"bar"'

>>> from xml.sax.saxutils import quoteattr
>>> quoteattr('foo"bar"')
'\'foo"bar"\''

Notice that quoteattr includes the enveloping quotes for you. If you
were to interpolate the result of quoteattr into an HTML string, you
would write:

>>> '<div class=%s></div>' % quoteattr('foo"bar"')
'<div class=\'foo"bar"\'></div>'


Robert Brewer
MIS
Amor Ministries
fumanchu at amor.org




More information about the Python-list mailing list