[KSS-checkins] r49577 - kukit/kss.core/branch/payload-fixes/kss/core

Sun, 09 Dec 2007 10:17:37 -0800 

Author: jvloothuis
Date: Sun Dec  9 19:17:32 2007
New Revision: 49577

Modified:
   kukit/kss.core/branch/payload-fixes/kss/core/commands.py
Log:

Fixed the protocol so that it now properly escapes CDATA sections, 
transparently converts large text data to CDATA and escapes small text data 
using proper XML escaping.


Modified: kukit/kss.core/branch/payload-fixes/kss/core/commands.py
==============================================================================
--- kukit/kss.core/branch/payload-fixes/kss/core/commands.py    (original)
+++ kukit/kss.core/branch/payload-fixes/kss/core/commands.py    Sun Dec  9 
19:17:32 2007
@@ -22,6 +22,7 @@
 in the defined format
 '''
 
+from xml.sax.saxutils import escape as xml_escape
 from zope.interface import implements
 from zope.app.pagetemplate.viewpagetemplatefile import ViewPageTemplateFile
 from interfaces import IKSSCommands, IKSSCommand, IKSSParam, IKSSCommandView
@@ -106,6 +107,16 @@
     # just send complex data types directly with AddParam
 
     def addParam(self, name, content=''):
+        # Check for the size of the content. Larger than 4K will give
+        # problems with Firefox (which splits text nodes). Therefore
+        # we give this special treatment.
+        if len(content) > (4 * 1024):
+            return self.addCdataParam(name, content)
+        else:
+            # Escape all XML characters
+            return self._addParam(name, content=xml_escape(content))
+
+    def _addParam(self, name, content=''):
         'Add the param as is'
         param = KSSParam(name, content)
         self.params.append(param)
@@ -114,15 +125,14 @@
     #
     # Some helpers
     #
-
-    def addUnicodeParam(self, name, content=''):
+    def addUnicodeParam(self, name, content=u''):
         'Add the param as unicode'
-        self.addParam(name, content=content)
+        self.addParam(name, content)
 
-    def addStringParam(self, name, content='', encoding='utf'):
+    def addStringParam(self, name, content='', encoding='utf8'):
         'Add the param as an encoded string, by default UTF-8'
-        content = unicode(content, 'utf')
-        self.addParam(name, content=content)
+        content = unicode(content, encoding)
+        self.addUnicodeParam(name, content=content)
 
     def addHtmlParam(self, name, content=''):
         'Add the param as an HTML content.'
@@ -134,12 +144,14 @@
     def addXmlParam(self, name, content=''):
         'Add the param as XML content'
         content = XmlParser(content)().encode('ascii', 'xmlcharrefreplace')
-        self.addParam(name, content=content)
+        self._addParam(name, content=content)
 
     def addCdataParam(self, name, content=''):
         'Add the param as a CDATA node'
-        content = '<![CDATA[%s]]>' % (content, )
-        self.addParam(name, content=content)
+        # Replace `>` part of `]]>` with the entity ref so it won't
+        # accidentally close the CDATA (required by the XML spec)
+        content = '<![CDATA[%s]]>' % content.replace(']]>', ']]&gt;')
+        self._addParam(name, content=content)
 
 
     # --
_______________________________________________
Kukit-checkins mailing list
[email protected]
http://codespeak.net/mailman/listinfo/kukit-checkins

Reply via email to