xml escapedness
Robin Becker
robin at reportlab.com
Fri Feb 22 12:41:06 EST 2008
Tim van der Leeuw wrote:
> On Fri, Feb 22, 2008 at 5:17 PM, Robin Becker <robin at reportlab.com> wrote:
>
>> A colleague has decided to keep his django database string values (which
>> are xml
>> fragments) in an xml escaped form to avoid having the problem of escaping
>> them
>> when they are used in templates etc etc.
>>
>> Unfortunately he found that the normal admin doesn't escape on the way
>> through
>> so thought of adding a standard mechanism to the save methods. However,
>> this
>> brings in the possibility of escaping twice ie once in his original
>> capture code
>> and then in the django save methods.
>>
>
> Well -- you escape them in the save() method only when they contain XML
> charachters like <, > ? How about that, wouldn't that work?
>
> --Tim
>
......
That might work, but there are all the ampersands etc etc to consider as well.
So an escaped string could contain &, but so can a raw string.
--
Robin Becker
More information about the Python-list
mailing list