No the escaping is not done in the RSS2 module, I checked. Firefox is displaying the form and everything I posted as a comment.... bad bad bad!
I fixed it by calling XML sanitize as I was looping through the rows. I do think there should be a note about this? ... description=XML(row.comment.content, sanitize=True, permitted_tags=[]).xml(), ... -Thadeus On Tue, Nov 24, 2009 at 12:47 AM, mdipierro <mdipie...@cs.depaul.edu> wrote: > > I think it does but not there. It calls gluon.serializers.rss which > calls gluon.contrib.rss2.dumps. This is a standard python module for > RSS. This module uses SAX for generating XML+RSS. > > generic.rss does not escape because the data passed to it is already > in XML. > > The escaping should be done by the RSS2 module. Is it not? Are you > having a problem with it? > > Massimo > > > > On Nov 24, 12:13 am, Thadeus Burgess <thade...@thadeusb.com> wrote: > > Why does the generic.rss default to non-escaped output? > > > > -Thadeus > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
