Mercurial Mercurial > pub > hg > cubicweb / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
web/views/basecomponents.py
branchstable
changeset 2312 af4d8f75c5db
parent 2218 b5d00053a7fe
child 2313 2940c2341ae4 
--- a/web/views/basecomponents.py	Tue Jul 07 13:25:24 2009 +0200
+++ b/web/views/basecomponents.py	Tue Jul 07 13:26:44 2009 +0200
@@ -15,7 +15,7 @@
 
 from cubicweb.selectors import yes, two_etypes_rset, match_form_params
 from cubicweb.schema import display_name
-from cubicweb.common.uilib import html_escape, toggle_action
+from cubicweb.common.uilib import xml_escape, toggle_action
 from cubicweb.web import component
 from cubicweb.web.htmlwidgets import (MenuWidget, PopupBoxMenu, BoxSeparator,
                                       BoxLink)
@@ -47,7 +47,7 @@
 <input type="submit" value="" class="rqlsubmit" tabindex="%s" />
 </fieldset>
 ''' % (not self.propval('visible') and 'hidden' or '',
-       self.build_url('view'), html_escape(rql), req._('full text or RQL query'), req.next_tabindex(),
+       self.build_url('view'), xml_escape(rql), req._('full text or RQL query'), req.next_tabindex(),
         req.next_tabindex()))
         if self.req.search_state[0] != 'normal':
             self.w(u'<input type="hidden" name="__mode" value="%s"/>'
@@ -202,7 +202,7 @@
                 url = self.build_url(rql=newrql, __restrrql=restrrql,
                                      __restrtype=etype, __restrtypes=','.join(restrtypes))
                 html.append(u'<span><a href="%s">%s</a></span>' % (
-                        html_escape(url), elabel))
+                        xml_escape(url), elabel))
                 rqlst.recover()
         if on_etype:
             url = self.build_url(rql=restrrql)
cubicweb