From 0c5e77929c88a92218ca9d094afe933cf836af63 Mon Sep 17 00:00:00 2001 From: TechupBusiness Date: Wed, 30 Oct 2019 00:43:15 +0100 Subject: [PATCH] [TASK] Improve html entity encoding --- syncthing_gtk/app.py | 1 - syncthing_gtk/infobox.py | 3 ++- syncthing_gtk/tools.py | 3 +++ 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/syncthing_gtk/app.py b/syncthing_gtk/app.py index 6e907b1d..dbe049fd 100644 --- a/syncthing_gtk/app.py +++ b/syncthing_gtk/app.py @@ -1406,7 +1406,6 @@ def show_folder(self, id, label, path, folder_type, ignore_perms, rescan_interva title = display_path if label not in (None, ""): title = label - title = title.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''') if id in self.folders: # Reuse existing box box = self.folders[id] diff --git a/syncthing_gtk/infobox.py b/syncthing_gtk/infobox.py index 4d8a3327..6d31859e 100644 --- a/syncthing_gtk/infobox.py +++ b/syncthing_gtk/infobox.py @@ -7,7 +7,7 @@ from __future__ import unicode_literals from gi.repository import Gtk, Gdk, GLib, GObject, Pango, Rsvg from syncthing_gtk.ribar import RevealerClass -from syncthing_gtk.tools import _ # gettext function +from syncthing_gtk.tools import _, escape_html_entities # _ is gettext function import os, logging, math log = logging.getLogger("InfoBox") @@ -313,6 +313,7 @@ def on_leave_notify(self, eb, event, *data): ### Methods def set_title(self, t): + t = escape_html_entities(t) self.str_title = t inverted = self.header_inverted and self.dark_color is None col = "black" if inverted else "white" diff --git a/syncthing_gtk/tools.py b/syncthing_gtk/tools.py index 961fe1d2..b8525aa1 100644 --- a/syncthing_gtk/tools.py +++ b/syncthing_gtk/tools.py @@ -558,3 +558,6 @@ def generate_folder_id(): ("".join(random.choice(string.ascii_lowercase + string.digits) for _ in range(5))) for _ in range(2) )) + +def escape_html_entities(string): + return string.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''')