diff -r f178182b1305 -r af4d8f75c5db web/views/basetemplates.py --- a/web/views/basetemplates.py Tue Jul 07 13:25:24 2009 +0200 +++ b/web/views/basetemplates.py Tue Jul 07 13:26:44 2009 +0200 @@ -8,7 +8,7 @@ """ __docformat__ = "restructuredtext en" -from logilab.mtconverter import html_escape +from logilab.mtconverter import xml_escape from cubicweb.vregistry import objectify_selector from cubicweb.selectors import match_kwargs @@ -31,14 +31,14 @@ def template_header(self, content_type, view=None, page_title='', additional_headers=()): w = self.whead # explictly close the tag to avoid IE 6 bugs while browsing DOM - w(u'' % html_escape(self.req.base_url())) + w(u'' % xml_escape(self.req.base_url())) w(u'\n' % (content_type, self.req.encoding)) w(NOINDEX) w(NOFOLLOW) w(u'\n'.join(additional_headers) + u'\n') self.wview('htmlheader', rset=self.rset) - w(u'%s\n' % html_escape(page_title)) + w(u'%s\n' % xml_escape(page_title)) class LogInTemplate(LogInOutTemplate): @@ -60,7 +60,7 @@ if self.config['anonymous-user']: indexurl = self.build_url('view', vid='index', __message=msg) w(u'

%s

' % ( - html_escape(indexurl), + xml_escape(indexurl), self.req._('go back to the index page'))) @objectify_selector @@ -110,7 +110,7 @@ w(u'

\n') vtitle = self.req.form.get('vtitle') if vtitle: - w(u'

%s

\n' % html_escape(vtitle)) + w(u'

%s

\n' % xml_escape(vtitle)) # display entity type restriction component etypefilter = self.vreg.select_component('etypenavigation', self.req, self.rset) @@ -137,13 +137,13 @@ w = self.whead lang = self.req.lang self.write_doctype() - w(u'' % html_escape(self.req.base_url())) + w(u'' % xml_escape(self.req.base_url())) w(u'\n' % (content_type, self.req.encoding)) w(u'\n'.join(additional_headers) + u'\n') self.wview('htmlheader', rset=self.rset) if page_title: - w(u'%s\n' % html_escape(page_title)) + w(u'%s\n' % xml_escape(page_title)) def template_body_header(self, view): w = self.w @@ -210,7 +210,7 @@ % (content_type, self.req.encoding)) w(u'\n'.join(additional_headers)) self.wview('htmlheader', rset=self.rset) - w(u'%s\n' % html_escape(page_title)) + w(u'%s\n' % xml_escape(page_title)) self.w(u'\n') def template_footer(self, view=None): @@ -232,7 +232,7 @@ whead(u'\n'.join(additional_headers) + u'\n') self.wview('htmlheader', rset=self.rset) w = self.w - w(u'%s\n' % html_escape(page_title)) + w(u'%s\n' % xml_escape(page_title)) w(u'\n') w(u'
') w(u'\n') @@ -250,7 +250,7 @@ w(u'
\n') vtitle = self.req.form.get('vtitle') if vtitle: - w(u'

%s

' % html_escape(vtitle)) + w(u'

%s

' % xml_escape(vtitle)) def topleft_header(self): self.w(u'
\n') @@ -296,7 +296,7 @@ if urlgetter is not None: url = urlgetter.feed_url() self.whead(u'\n' - % html_escape(url)) + % xml_escape(url)) def pageid(self): req = self.req @@ -452,7 +452,7 @@ def login_form(self, id): _ = self.req._ self.w(u'\n' - % html_escape(login_form_url(self.config, self.req))) + % xml_escape(login_form_url(self.config, self.req))) self.w(u'\n') self.w(u'\n') msg = (self.config['allow-email-login'] and _('login or email')) or _('login')