On 08/04/12 00:01, lkcl luke wrote: > On Sat, Apr 7, 2012 at 4:45 PM, Phil Charlesworth > <[email protected]> wrote: > >> Peter, >> Thanks for sorting out Pyjamas logging - a great improvement. One >> point which I suggested during an earlier thread is still outstanding >> however. >> >> Here is the code for ApendHandler.emit >> >> (pyjamas/library/pyjamas/logging/handlers.py, class AppendHandler) >> def emit(self, record): >> msg = self.format(record) >> msg = msg.replace("\n", "<br/>\n") + "<br/>\n" >> self.output += msg >> self.__addLogElement() >> DOM.setInnerHTML(self.div, self.output) >> >> The text in msg is going straight into DOM.setInnerHTML, so it had >> better be legal HTML. You have recognised the need to convert line >> terminators into break tags but I think you should also escape&,< and >> >. This can be done very simply by adding >> msg = cgi.escape(msg) >> immediately before the line >> msg = msg.replace("\n", "<br/>\n") + "<br/>\n" >> > ahh there's actually a function in __pyjamas__.py called unescape, it > would be good to have a corresponding version escape, then have cgi > call that. then it would not be necessary to import the entire cgi > module. > > l. > Two points: 1. In a comment at the head of the __pyjamas__.py file it says # This is the gtk-dependent __pyjamas__ module. # In javascript this module is not needed, any imports of this module # are removed by the translator. so this doesn't look like a good place from which to import something. 2. The pyjs version of the cgi module contains nothing but the the escape function, so importing it is not going to add any burden of unused code.
P.
