Ampersands in folder/file names not escaped in HTML
Brought to you by:
gstein
Menu
▾
▴
#19 Ampersands in folder/file names not escaped in HTML
enda's HTML output doesn't escape ampersands in directory names or file names.
I've got an artist name with an ampersand in it causing the HTML edna puts out to not validate (the nested tables hack for padding in the default.ezt is another thing entirely).
The fix is simple- just escape the file/directory name in the 2 places where subdirs.append() is used.
Change:
text=name
To:
text=cgi.escape(name)
Not sure if there's much point in even attaching something so simple, but I made a diff of the changes needed and have attached it.
Patch to escape ampersands in filenames to HTML entity
Logged In: YES
user_id=720585
Originator: YES
I see now that there are other objects (this is my first time looking at Python, so I'm not sure if they're collections or what) besides subdirs that need to have the .append lines fixed as well. I guess those need to be fixed too.