On Tue, Jan 17, 2006 at 08:01:36PM +0300, Oleg Broytmann wrote: -> On Tue, Jan 17, 2006 at 08:40:57AM -0800, Titus Brown wrote: -> > How do you escape "'"? -> > -> > e.g. -> > -> > <input type='text' name='blah' value='%(value)s'> -> > -> > where value="contains'quotes\"of all kinds"? -> -> Python: quoted_value = cgi.escape(value, 1) -> -> HTML : <input type="text" name="blah" value="%(quoted_value)s">
Ahh -- it turns out that htmlescape and cgi.escape(..., 1) both do this properly, but only for '"', not for "'". I assume the <input> up above is technically incorrect because of its use of single quotes, therefore. Well, that's easily correctable in my code... Thanks, guys! cheers, --titus _______________________________________________ Quixote-users mailing list [email protected] http://mail.mems-exchange.org/mailman/listinfo/quixote-users
