[Pkg-mozext-commits] [adblock-plus] 261/464: Locale parsing: Better escaping of data in DTD files
David Prévot
taffit at moszumanska.debian.org
Tue Jul 22 20:44:23 UTC 2014
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch master
in repository adblock-plus.
commit 906b67da99a123dbd5702d6c8f9ef0fd644f3a9b
Author: Wladimir Palant <trev at adblockplus.org>
Date: Wed Jul 4 15:47:08 2012 +0200
Locale parsing: Better escaping of data in DTD files
---
localeTools.py | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/localeTools.py b/localeTools.py
index adcc714..5048dee 100644
--- a/localeTools.py
+++ b/localeTools.py
@@ -4,7 +4,7 @@
# version 2.0 (the "License"). You can obtain a copy of the License at
# http://mozilla.org/MPL/2.0/.
-import re, sys, codecs, cgi, json
+import re, sys, codecs, json
from StringIO import StringIO
from ConfigParser import SafeConfigParser
from xml.parsers.expat import ParserCreate, XML_PARAM_ENTITY_PARSING_ALWAYS
@@ -22,6 +22,12 @@ class OrderedDict(dict):
yield (key, self[key])
done.add(key)
+def escapeEntity(value):
+ return value.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"')
+
+def unescapeEntity(value):
+ return value.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"')
+
def parseDTDString(data, path):
result = []
currentComment = [None]
@@ -39,7 +45,7 @@ def parseDTDString(data, path):
currentComment[0] = data.strip()
def EntityDeclHandler(entityName, is_parameter_entity, value, base, systemId, publicId, notationName):
- result.append((entityName, currentComment[0], value))
+ result.append((unescapeEntity(entityName), currentComment[0], unescapeEntity(value.strip())))
currentComment[0] = None
parser.ExternalEntityRefHandler = ExternalEntityRefHandler
@@ -84,7 +90,7 @@ def readFile(path):
def generateStringEntry(key, value, path):
if path.endswith('.dtd'):
- return '<!ENTITY %s "%s">\n' % (cgi.escape(key, True), cgi.escape(value, True))
+ return '<!ENTITY %s "%s">\n' % (escapeEntity(key), escapeEntity(value))
else:
return '%s=%s\n' % (key, value)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mozext/adblock-plus.git
More information about the Pkg-mozext-commits
mailing list