lazr.restful

Merge lp:~cjwatson/lazr.restful/remove-safe_js_escape into lp:lazr.restful

remove-safe_js_escape
Merge into trunk

Proposed by Colin Watson on 2020-09-06

Status:	Merged
Merged at revision:	266
Proposed branch:	lp:~cjwatson/lazr.restful/remove-safe_js_escape
Merge into:	lp:lazr.restful
Diff against target:	80 lines (+6/-25) 3 files modified NEWS.rst (+6/-0) src/lazr/restful/docs/utils.rst (+0/-14) src/lazr/restful/utils.py (+0/-11)
To merge this branch:	bzr merge lp:~cjwatson/lazr.restful/remove-safe_js_escape
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Ioana Lasc (community)		2020-09-06	Approve on 2020-09-07
Review via email: mp+390347@code.launchpad.net

Commit message

Remove lazr.restful.utils.safe_js_escape.

Description of the change

Launchpad hasn't used it since 2012, and it was a confusing interface in that it combined JavaScript and HTML escaping. If any code is still using this, it should use cgi.escape/html.escape (if necessary) and json.dumps directly instead.

Revision history for this message

Ioana Lasc (ilasc) on 2020-09-07:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Colin Watson

Gary Poster

Launchpad code reviewers from Canonical

1	=== modified file 'NEWS.rst'
2	--- NEWS.rst 2020-09-03 18:35:08 +0000
3	+++ NEWS.rst 2020-09-06 23:00:40 +0000
4	@@ -14,6 +14,12 @@
5	Stop ``lazr.restful.utils.make_identifier_safe`` having locale-dependent
6	behaviour.
7
8	+Remove ``lazr.restful.utils.safe_js_escape``. Launchpad hasn't used it
9	+since 2012, and it was a confusing interface in that it combined JavaScript
10	+and HTML escaping. If any code is still using this, it should use
11	+``cgi.escape``/``html.escape`` (if necessary) and ``json.dumps`` directly
12	+instead.
13	+
14	0.22.2 (2020-09-02)
15	===================
16
17
18	=== modified file 'src/lazr/restful/docs/utils.rst'
19	--- src/lazr/restful/docs/utils.rst 2020-09-02 22:22:37 +0000
20	+++ src/lazr/restful/docs/utils.rst 2020-09-06 23:00:40 +0000
21	@@ -344,17 +344,3 @@
22	“foo”.
23	>>> print(smartquote('a lot of "foo"?'))
24	a lot of “foo”?
25	-
26	-safe_js_escape()
27	-================
28	-
29	-This will escape the given text so that it can be used in Javascript
30	-code.
31	-
32	- >>> from lazr.restful.utils import safe_js_escape
33	- >>> print(safe_js_escape('John "nasty" O\'Brien'))
34	- "John "nasty" O'Brien"
35	- >>> print(safe_js_escape("John O\'Brien"))
36	- "John O'Brien"
37	- >>> print(safe_js_escape("John <strong>O\'Brien</strong>"))
38	- "John <strong>O'Brien</strong>"
39
40	=== modified file 'src/lazr/restful/utils.py'
41	--- src/lazr/restful/utils.py 2020-09-03 18:35:08 +0000
42	+++ src/lazr/restful/utils.py 2020-09-06 23:00:40 +0000
43	@@ -12,7 +12,6 @@
44	'implement_from_dict',
45	'make_identifier_safe',
46	'parse_accept_style_header',
47	- 'safe_js_escape',
48	'safe_hasattr',
49	'smartquote',
50	'simple_popen2',
51	@@ -22,7 +21,6 @@
52	]
53
54
55	-import cgi
56	import collections
57	import copy
58	import operator
59	@@ -30,7 +28,6 @@
60	import string
61	import subprocess
62
63	-from simplejson import encoder
64	import six
65
66	from zope.component import getUtility
67	@@ -367,14 +364,6 @@
68	return str
69
70
71	-def safe_js_escape(text):
72	- """Return the given text escaped for use in Javascript code.
73	-
74	- This will also perform a cgi.escape() on the given text.
75	- """
76	- return encoder.encode_basestring(cgi.escape(text, True))
77	-
78	-
79	def get_current_browser_request():
80	"""Return the current browser request, looked up from the interaction.
81