diff options
author | W. Trevor King <wking@drexel.edu> | 2009-06-22 10:39:05 -0400 |
---|---|---|
committer | W. Trevor King <wking@drexel.edu> | 2009-06-22 10:39:05 -0400 |
commit | cabb531e2300c5643447ccd1ffd311ee5690773a (patch) | |
tree | 37c0a4144c302bba0a885820388db7ef1f96036c /libbe/bug.py | |
parent | fb342df1b66897ab17377d6e923049e292149683 (diff) | |
download | bugseverywhere-cabb531e2300c5643447ccd1ffd311ee5690773a.tar.gz |
Escape XML strings.
Since
<creator>John Doe <jdoe@example.com></creator>
is not valid XML.
Diffstat (limited to 'libbe/bug.py')
-rw-r--r-- | libbe/bug.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/libbe/bug.py b/libbe/bug.py index 59b011b..0e54a1a 100644 --- a/libbe/bug.py +++ b/libbe/bug.py @@ -18,6 +18,7 @@ import os import os.path import errno import time +import xml.sax.saxutils import doctest from beuuid import uuid_gen @@ -261,7 +262,7 @@ class Bug(settings_object.SavedSettingsObject): ret = '<bug>\n' for (k,v) in info: if v is not settings_object.EMPTY: - ret += ' <%s>%s</%s>\n' % (k,v,k) + ret += ' <%s>%s</%s>\n' % (k,xml.sax.saxutils.escape(v),k) if show_comments == True: comout = self.comment_root.xml_thread(auto_name_map=True, |