From 2c2320facaf5524955f5a2c8c6b789fc203d795b Mon Sep 17 00:00:00 2001 From: William McBrine Date: Thu, 5 Jun 2014 23:53:08 -0400 Subject: [PATCH] escape doesn't make sense in HTML. Possibly some of these should be quoted instead. --- httpserver.py | 7 +++---- plugins/togo/templates/npl.tmpl | 12 ++++++------ plugins/togo/togo.py | 2 -- plugins/video/templates/container_html.tmpl | 16 ++++++++-------- 4 files changed, 17 insertions(+), 20 deletions(-) diff --git a/httpserver.py b/httpserver.py index 37b489c..d1162d6 100644 --- a/httpserver.py +++ b/httpserver.py @@ -354,7 +354,7 @@ class TivoHTTPHandler(BaseHTTPServer.BaseHTTPRequestHandler): t.togo += ('' + escape(config.tivos[tsn]['name']) + + '">' + config.tivos[tsn]['name'] + '
') elif plugin_type and t.shares: plugin = GetPlugin(plugin_type) @@ -367,8 +367,7 @@ class TivoHTTPHandler(BaseHTTPServer.BaseHTTPRequestHandler): self.send_html(str(t)) def unsupported(self, query): - message = UNSUP % '\n'.join(['
  • %s: %s
    • ' % (escape(key), - escape(repr(value))) + message = UNSUP % '\n'.join(['
  • %s: %s
    • ' % (key, repr(value)) for key, value in query.items()]) text = BASE_HTML % message self.send_html(text, code=404) @@ -376,7 +375,7 @@ class TivoHTTPHandler(BaseHTTPServer.BaseHTTPRequestHandler): def redir(self, message, seconds=2): url = self.headers.getheader('Referer') if url: - message += RELOAD % (escape(url), seconds) + message += RELOAD % (url, seconds) refresh = '%d; url=%s' % (seconds, url) else: refresh = '' diff --git a/plugins/togo/templates/npl.tmpl b/plugins/togo/templates/npl.tmpl index 548c3d0..9d97e95 100644 --- a/plugins/togo/templates/npl.tmpl +++ b/plugins/togo/templates/npl.tmpl @@ -12,9 +12,9 @@ #if $folder != '' #end if -Pull from $escape($tname) +Pull from $tname #if $folder != '' - / $escape($title) + / $title #end if

    @@ -45,7 +45,7 @@ Pull from $escape($tname) ## This is a show
    #if 'Url' in $row and not ($row['Url'] in $status and ($status[$row['Url']]['running'] or $status[$row['Url']]['queued'])) and not ('CopyProtected' in $row and $row['CopyProtected'] == 'Yes') and not ('Icon' in $row and $row['Icon'] == 'urn:tivo:image:in-progress-recording') - + #end if @@ -66,12 +66,12 @@ Pull from $escape($tname) #if 'episodeTitle' in $row - $escape($row['title']): $escape($row['episodeTitle']) + $row['title']: $row['episodeTitle'] #else - $escape($row['title']) + $row['title'] #end if #if 'description' in $row - $escape($row['description']) + $row['description'] #end if #if 'displayMajorNumber' in $row and 'callsign' in $row $row['displayMajorNumber'] $row['callsign'] diff --git a/plugins/togo/togo.py b/plugins/togo/togo.py index a7d66f8..a68c2e7 100644 --- a/plugins/togo/togo.py +++ b/plugins/togo/togo.py @@ -8,7 +8,6 @@ import urllib2 import urlparse from urllib import quote, unquote from xml.dom import minidom -from xml.sax.saxutils import escape from Cheetah.Template import Template @@ -211,7 +210,6 @@ class ToGo(Plugin): title = '' t = Template(NPL_TEMPLATE, filter=EncodeUnicode) - t.escape = escape t.quote = quote t.folder = folder t.status = status diff --git a/plugins/video/templates/container_html.tmpl b/plugins/video/templates/container_html.tmpl index 37ae2d2..3784fff 100644 --- a/plugins/video/templates/container_html.tmpl +++ b/plugins/video/templates/container_html.tmpl @@ -13,7 +13,7 @@ #if len($folders) > 1 #end if -Push from $escape($folders[0]) +Push from $folders[0] #if len($folders) > 1 #if len($folders) > 2 @@ -22,7 +22,7 @@ Push from $escape($folders[0]) / $n #end for #end if -/ $escape($folders[-1]) +/ $folders[-1] #end if

    @@ -43,18 +43,18 @@ Push from $escape($folders[0]) #else ## This is a show
    - + #if $video.episodeTitle - $escape($video.title): $escape($video.episodeTitle) + $video.title: $video.episodeTitle #else - $escape($video.title) + $video.title #end if #if $video.description - $escape($video.description) + $video.description #end if #if $video.displayMajorNumber and $video.callsign $video.displayMajorNumber $video.callsign @@ -69,11 +69,11 @@ Push from $escape($folders[0])

    - + -- 2.11.4.GIT