On 11/5/05, Kevin Dangoor <[EMAIL PROTECTED]> wrote:

> This is Kid doing the "right thing" for a templating system. There are various bad things that can happen if you accidentally bring in HTML content from the wild and display it on your site. So, by default, Kid escapes everything so that the content you provide Kid is displayed exactly as Kid received it.

Sure, seen that before (LJ's content management comes to mind). I guess what threw me the most is that I just *assumed* (bad Jeff!) that there was already some magic in place to handle this since it's a pretty obvious pitfall for anything that does content management (which is a natural thing to do with TG).

> You can use the built in XML() function to tell Kid that the incoming content is XML and ready for display. (You can see this in action in the 20 Minute Wiki.)

Damn, I should have realized that the demo covered this. Now I must mourn the wasted bytes.

> > I looked at the resulting HTML for case (1) above, and what is happening is
> > that the < character is being escaped; > is not.

Now that's just weird. Sounds like a bug to me.

Yeah, it does. I can't conceive of any good reason why it's happening. 

Hm: in kid/kid/serialization.py, XMLSerializer.escape_cdata() we have:

            text = text.replace("&", "&amp;")
            text = text.replace("<", "&lt;")

but no

            text = text.replace(">", "&gt;")

Also HTMLSerializer. Not a &gt; anywhere in the entire file. Can it be broken in two places like this, or would it be elsewhere? (I can't imagine that to be the case.)


> You weren't using the XML function, were you?

No, but I will be after this :-)

--
"Things fall apart. The Center cannot hold."
                  - Life as a QA geek, in a nutshell.

Best,

    Jeff
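An added example (not Kid's code, and not from anyone in this thread) that puts the escaping behaviour discussed above side by side: the `&`/`<`-only replacement the message quotes from escape_cdata(), a version that also handles `>`, and a hypothetical `XML` marker standing in for Kid's XML() function so that only content the caller explicitly vouches for is emitted unescaped. One caveat worth knowing when judging the ">" question: the XML spec only requires `>` to be escaped in character data when it occurs in the sequence `]]>`, so a bare `>` in output is well-formed and not by itself an injection vector; escaping it anyway is the conventional, conservative choice and is what the stdlib's html.escape() does. The `render` function, the sample input and the class names are assumptions made for this example.

```python
import html


def escape_cdata_partial(text: str) -> str:
    """The replacement set the thread observed in Kid's escape_cdata():
    only & and < are escaped; > is passed through untouched."""
    text = text.replace("&", "&amp;")
    text = text.replace("<", "&lt;")
    return text


def escape_cdata_complete(text: str) -> str:
    """Same routine with > added. Order matters: & must go first so the
    entities introduced by the later replacements are not re-escaped."""
    text = text.replace("&", "&amp;")
    text = text.replace("<", "&lt;")
    text = text.replace(">", "&gt;")
    return text


class XML:
    """Hypothetical stand-in for Kid's XML() marker (assumption for this
    example): wraps content the caller asserts is already safe markup."""

    def __init__(self, markup: str) -> None:
        self.markup = markup


def render(value) -> str:
    """Escape-by-default rendering: anything that is not explicitly marked
    as markup is treated as untrusted text and escaped in full."""
    if isinstance(value, XML):
        return value.markup
    return escape_cdata_complete(str(value))


# Constructed sample input containing every character the escapers touch.
SAMPLE = '<em>wild</em> & 1 > 0'


def compare(text: str = SAMPLE) -> dict:
    """Return both escapings plus the stdlib reference so the difference is
    visible in one place."""
    return {
        "partial": escape_cdata_partial(text),
        "complete": escape_cdata_complete(text),
        "stdlib": html.escape(text, quote=False),
    }


if __name__ == "__main__":
    for name, out in compare().items():
        print(f"{name:8}: {out}")
    print("trusted :", render(XML("<b>already markup</b>")))
    print("untrusted:", render("<b>not markup</b>"))
```

Run as a script it prints the three escapings of the sample string; the "partial" line is the one that still contains a raw `>`, matching what the thread saw in Kid's output, while "complete" and "stdlib" agree with each other.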
