[issue5752] xml.dom.minidom does not escape CR, LF and TAB characters within attribute values

W. Trevor King Tue, 03 Aug 2010 03:32:11 -0700

W. Trevor King <[email protected]> added the comment:

And while we're at it, we should also


   .replace('&', '&amp;').replace('"', "&quot;").replace('<', '&lt;')

which would have to go at the beginning to avoid double-escaping the '&'.

We could use xml.sax.saxutils.escape to do all the escaping rather than 
chaining replaces:

   data = escape(data, {'"':'&quot;', '\r':'&#xD;', '\n':'&#xA;', '\t':'&#x9;'})

which also escapes '>' (not strictly required for attribute values, but 
shouldn't be harmful either).

----------

_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue5752>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue5752] xml.dom.minidom does not escape CR, LF and TAB characters within attribute values

Reply via email to