Escaping in HTML

11 views
Skip to first unread message

Haoyu Bai

unread,
Apr 20, 2009, 5:04:58 AM4/20/09
to clonedigg...@googlegroups.com
Hi,

There is a tiny patch that do proper character escaping for HTML
report. Without the escaping, some code may mess up the HTML report.

-- Haoyu Bai

escape.diff

Peter Bulychev

unread,
Apr 20, 2009, 7:28:49 AM4/20/09
to clonedigg...@googlegroups.com
Thank you!

I patched the tool :)

2009/4/20 Haoyu Bai <divi...@gmail.com>
Index: html_report.py
===================================================================
--- html_report.py      (revision 207)
+++ html_report.py      (working copy)
@@ -22,6 +22,7 @@
 import re
 import copy
 import traceback
+from cgi import escape

 import arguments
 import anti_unification
@@ -116,11 +117,12 @@
                        for i in range(len(blocks)):
                            block = blocks[i]
                            for j in [0,1]:
-                                r[j] += seqs[j][block[j]:block[j]+block[2]]
+                                r[j] += escape(seqs[j][block[j]:block[j]+block[2]])
                            if (i < (len(blocks)-1)):
                                nextblock = blocks[i+1]
                                for j in [0,1]:
-                                    r[j] += '<span'+very_strange_const+'style="color:rgb(255,0,0);">%s</span>'%(seqs[j][block[j]+block[2]:nextblock[j]],)
+                                    r[j] += '<span'+very_strange_const+'style="color:rgb(255,0,0);">%s</span>'%\
+                                                (escape(seqs[j][block[j]+block[2]:nextblock[j]]),)
                        return r
                    # preparation of indentation
                    indentations = (set(), set())




--
Best regards,
  Peter Bulychev.
Reply all
Reply to author
Forward
0 new messages