cubicweb: comparison web/views/management.py

equal deleted inserted replaced

-:f178182b1305
+:af4d8f75c5db
 :license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
 """
 __docformat__ = "restructuredtext en"
 _ = unicode
-from logilab.mtconverter import html_escape
+from logilab.mtconverter import xml_escape
 from cubicweb.selectors import yes, none_rset, match_user_groups, authenticated_user
 from cubicweb.view import AnyRsetView, StartupView, EntityView
 from cubicweb.common.uilib import html_traceback, rest_traceback
 from cubicweb.web import formwidgets as wdgs
 entity = self.entity(row, col)
 w = self.w
 _ = self.req._
 w(u'<h1><span class="etype">%s</span> <a href="%s">%s</a></h1>'
 % (entity.dc_type().capitalize(),
-html_escape(entity.absolute_url()),
+xml_escape(entity.absolute_url()),
-html_escape(entity.dc_title())))
+xml_escape(entity.dc_title())))
 # first show permissions defined by the schema
 self.w('<h2>%s</h2>' % _('schema\'s permissions definitions'))
 self.schema_definition(entity.e_schema)
 self.w('<h2>%s</h2>' % _('manage security'))
 # ownership information
 delurl = delurl.replace('%', '%%')
 # don't give __delete value to build_url else it will be urlquoted
 # and this will replace %s by %25s
 delurl += '&__delete=%s:require_permission:%%s' % entity.eid
 dellinktempl = u'[<a href="%s" title="%s">-</a>]&nbsp;' % (
-html_escape(delurl), _('delete this permission'))
+xml_escape(delurl), _('delete this permission'))
 else:
 dellinktempl = None
 w(u'<table class="schemaInfo">')
 w(u'<tr><th>%s</th><th>%s</th></tr>' % (_("permission"),
 _('granted to groups')))
 exclass = ex.__class__.__name__
 ex = exc_message(ex, req.encoding)
 if excinfo is not None and self.config['print-traceback']:
 if exclass is None:
 w(u'<div class="tb">%s</div>'
-% html_escape(ex).replace("\n","<br />"))
+% xml_escape(ex).replace("\n","<br />"))
 else:
 w(u'<div class="tb">%s: %s</div>'
-% (exclass, html_escape(ex).replace("\n","<br />")))
+% (exclass, xml_escape(ex).replace("\n","<br />")))
 w(u'<hr />')
 w(u'<div class="tb">%s</div>' % html_traceback(excinfo, ex, ''))
 else:
-w(u'<div class="tb">%s</div>' % (html_escape(ex).replace("\n","<br />")))
+w(u'<div class="tb">%s</div>' % (xml_escape(ex).replace("\n","<br />")))
 # if excinfo is not None, it's probably not a bug
 if excinfo is None:
 return
 vcconf = self.config.vc_config()
 w(u"<div>")
 return unicode(str(ex), encoding, 'replace')
 except:
 return unicode(repr(ex), encoding, 'replace')
 def text_error_description(ex, excinfo, req, eversion, cubes):
-binfo = rest_traceback(excinfo, html_escape(ex))
+binfo = rest_traceback(excinfo, xml_escape(ex))
 binfo += u'\n\n:URL: %s\n' % req.url()
 if not '__bugreporting' in req.form:
 binfo += u'\n:form params:\n'
 binfo += u'\n'.join(u'  * %s = %s' % (k, v) for k, v in req.form.iteritems())
 binfo += u'\n\n:CubicWeb version: %s\n'  % (eversion,)
 return
 self.w(u'<h3>%s</h3>' % _('Environment'))
 self.w(u'<table border="1">')
 for attr in env.keys():
 self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>'
-% (attr, html_escape(env[attr])))
+% (attr, xml_escape(env[attr])))
 self.w(u'</table>')
 self.w(u'<h3>%s</h3>' % _('Request'))
 self.w(u'<table border="1">')
 for attr in ('filename', 'form', 'hostname', 'main', 'method',
 'path_info', 'protocol',
 'search_state', 'the_request', 'unparsed_uri', 'uri'):
 val = getattr(req, attr)
 self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>'
-% (attr, html_escape(val)))
+% (attr, xml_escape(val)))
 self.w(u'</table>')
 server = req.server
 self.w(u'<h3>%s</h3>' % _('Server'))
 self.w(u'<table border="1">')
 for attr in dir(server):
 val = getattr(server, attr)
 if attr.startswith('_') or callable(val):
 continue
 self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>'
-% (attr, html_escape(val)))
+% (attr, xml_escape(val)))
 self.w(u'</table>')

branch	stable
changeset 2312	af4d8f75c5db
parent 2270	70c0da0f2181
child 2381	caad2367d940