This is an automated email from the ASF dual-hosted git repository. kentontaylor pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git
commit 2929b31b61e0b5c14d3c3acf140ec9f0e7671bf0 Author: Dave Brondsema <[email protected]> AuthorDate: Fri Jan 13 13:29:56 2023 -0500 [#8489] py3.8: cgi.escape -> html.escape --- Allura/allura/lib/app_globals.py | 8 ++++---- Allura/allura/lib/helpers.py | 4 ++-- Allura/allura/lib/macro.py | 4 ++-- Allura/allura/lib/phone/nexmo.py | 4 ++-- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Allura/allura/lib/app_globals.py b/Allura/allura/lib/app_globals.py index 65279bbca..7fe9ffb16 100644 --- a/Allura/allura/lib/app_globals.py +++ b/Allura/allura/lib/app_globals.py @@ -21,7 +21,7 @@ import re """The application's Globals object""" import logging -import cgi +import html import hashlib import json import datetime @@ -81,7 +81,7 @@ class ForgeMarkdown(markdown.Markdown): # if text is too big, markdown can take a long time to process it, # so we return it as a plain text log.info('Text is too big. Skipping markdown processing') - escaped = cgi.escape(h.really_unicode(source)) + escaped = html.escape(h.really_unicode(source)) return Markup('<pre>%s</pre>' % escaped) try: return super().convert(source) @@ -89,7 +89,7 @@ class ForgeMarkdown(markdown.Markdown): log.info('Invalid markdown: %s Upwards trace is %s', source, ''.join(traceback.format_stack()), exc_info=True) escaped = h.really_unicode(source) - escaped = cgi.escape(escaped) + escaped = html.escape(escaped) return Markup("""<p><strong>ERROR!</strong> The markdown supplied could not be parsed correctly. Did you forget to surround a code snippet with "~~~~"?</p><pre>%s</pre>""" % escaped) @@ -455,7 +455,7 @@ class Globals: if lexer is None or len(text) >= asint(config.get('scm.view.max_syntax_highlight_bytes', 500000)): # no highlighting, but we should escape, encode, and wrap it in # a <pre> - text = cgi.escape(text) + text = html.escape(text) return Markup('<pre>' + text + '</pre>') else: return Markup(pygments.highlight(text, lexer, formatter)) diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py index 7e7600a3d..e0467a56a 100644 --- a/Allura/allura/lib/helpers.py +++ b/Allura/allura/lib/helpers.py @@ -38,7 +38,7 @@ import shlex import socket from functools import partial from io import BytesIO -import cgi +import html import emoji import tg @@ -567,7 +567,7 @@ def diff_text(t1, t2, differ=None): result = [] def escape_list(words_list): - return [cgi.escape(words) for words in words_list] + return [html.escape(words) for words in words_list] for tag, i1, i2, j1, j2 in differ.get_opcodes(): if tag in ('delete', 'replace'): diff --git a/Allura/allura/lib/macro.py b/Allura/allura/lib/macro.py index 0e293037e..f8b8a22f3 100644 --- a/Allura/allura/lib/macro.py +++ b/Allura/allura/lib/macro.py @@ -17,7 +17,7 @@ from __future__ import annotations -import cgi +import html import random import logging import traceback @@ -105,7 +105,7 @@ class parse: log.warn('macro error. Upwards stack is %s', ''.join(traceback.format_stack()), exc_info=True) - msg = cgi.escape(f'[[{s}]] ({repr(ex)})') + msg = html.escape(f'[[{s}]] ({repr(ex)})') return '\n<div class="error"><pre><code>%s</code></pre></div>' % msg def _lookup_macro(self, s): diff --git a/Allura/allura/lib/phone/nexmo.py b/Allura/allura/lib/phone/nexmo.py index 2c3781373..1e20ef802 100644 --- a/Allura/allura/lib/phone/nexmo.py +++ b/Allura/allura/lib/phone/nexmo.py @@ -17,7 +17,7 @@ import logging from six.moves.urllib.parse import urljoin -import cgi +import html import json import requests @@ -59,7 +59,7 @@ class NexmoPhoneService(PhoneService): if str(code) == '3' and msg.endswith(' number'): msg = markupsafe.Markup( '{}{}{}'.format( - cgi.escape(msg), # escape it just in case Nexmo sent some HTML we don't want through + html.escape(msg), # escape it just in case Nexmo sent some HTML we don't want through '<br>Make sure you include the country code (see examples above)', '. For US numbers, you must include <code>1-</code> before the area code.' if len(number) == 10 else '', ))
