I have found the problem. It's not the HTML helpers that are escaping twise.
The problem is that gluon.contrib.generics.pyfpdf_from_html calls sanitize
on the input.
>>> P("Row's").xml()
'<p>Row's</p>'
>>> from gluon.sanitizer import sanitize
>>> sanitize('<p>Row's</p>')
'<p>Row&#x27;s</p>'
>>> sanitize('<p>Row's</p>', escape=False)
'<p>Row&#x27;s</p>'
This is where things are being escaped twice. So this seems like a bug in
gluon.sanitizer.XssCleaner which shouldn't escape entities that are already
escaped.
Even after this bug is corrected, we would still have to unescape the input
at least in gluon.contrib.generics.pyfpdf_from_html before calling
pdf.write_html since the HTMLParser in fpdf isn't doing it.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
