Browse Source

html escape every string now; fixes #159

master
Julio Biason 15 years ago
parent
commit
b77cd8224f
  1. 10
      mitterlib/ui/ui_pygtk.py

10
mitterlib/ui/ui_pygtk.py

@ -576,14 +576,12 @@ class Interface(object):
processing.""" processing."""
data = store.get_value(position, 0) data = store.get_value(position, 0)
message = data.message
username = data.username
time = timesince.timesince(data.message_time) time = timesince.timesince(data.message_time)
# unescape escaped entities that pango is not okay with # unescape escaped entities that pango is not okay with
message = html_escape(message) message = html_escape(data.message)
username = html_escape(data.username)
full_name = html_escape(data.name)
# highlight URLs # highlight URLs
mask = r'<span foreground="%s">\1</span>' % ( mask = r'<span foreground="%s">\1</span>' % (
@ -612,7 +610,7 @@ class Interface(object):
else: else:
reposted_message = '' reposted_message = ''
markup = MESSAGE_FORMAT % (favourite, data.name, username, markup = MESSAGE_FORMAT % (favourite, full_name, username,
reposted_message, read_status, message, time) reposted_message, read_status, message, time)
cell.set_property('markup', markup) cell.set_property('markup', markup)

Loading…
Cancel
Save