On 01/03/2011 13:13, Malthe Borch wrote:
On 1 March 2011 12:00, Chris Withers<ch...@simplistix.co.uk>  wrote:
<div class="batcher"

...doesn't appear to quote the html in the "pager" variable.
This is different from normal zpt, why the change?

It should definitely escape it in exactly the same way.

Well, I'd expect the above to be escaped.

...and it partially is:

html = '&raquo; <b>bar</bar>'
<div tal:content="html"/>


<div>&raquo; &lt;b&gt;bar&lt;/bar&gt;</div>

So, it's quoting the tags but not the entities. Bug, no?

Also, as a corollary, the following appears to be a no-op:

<div class="structure batcher"

Am I right?

Yes, but that's firstly because you need to use ``tal:attributes``,
secondly because there is no "structure" keyword for attributes. It is
simply not allowed to *not* escape an attribute value.

Sorry, that was just a typo on my part, should have read:

<div class="batcher"
     tal:content="structure pager"/>



Simplistix - Content Management, Batch Processing & Python Consulting
           - http://www.simplistix.co.uk
Repoze-dev mailing list

Reply via email to