1
0
mirror of https://github.com/openSUSE/osc.git synced 2024-12-27 02:16:12 +01:00

Avoid superfluous/excessive usage of _html_escape

When creating a new request via the core.Request.create method, there is
no need to escape the data that is assigned to the "description" attribute
of a core.Request instance. Internally, core.Request.create ensures that
the data, which is POSTed to the api, is correctly escaped (the escaping
is implicitly done by ET (see core.Request.to_str)). Manually escaping the
description results in a double escaping (the escaped description is
escaped by ET again) - this is not the desired behavior.
Analogously, there is no need to escape the data that is passed to the
message parameter of the core.create_submit_request function because
core.create_submit_request takes care of escaping it.

Fixes: #869 ("Silly encoding of htmlencodable entities")
This commit is contained in:
Marcus Huewe 2020-11-28 17:46:44 +01:00
parent 926c2eb422
commit fbea0ea729
2 changed files with 7 additions and 7 deletions

View File

@ -1976,7 +1976,7 @@ Please submit there instead, or use --nodevelproject to force direct submission.
else: else:
r.add_action('add_role', tgt_project=project, tgt_package=package, r.add_action('add_role', tgt_project=project, tgt_package=package,
person_name=user, person_role=role) person_name=user, person_role=role)
r.description = _html_escape(opts.message or '') r.description = opts.message
r.create(apiurl) r.create(apiurl)
print(r.reqid) print(r.reqid)
@ -2043,7 +2043,7 @@ Please submit there instead, or use --nodevelproject to force direct submission.
r = Request() r = Request()
r.add_action('delete', tgt_project=project, tgt_package=package, tgt_repository=repository) r.add_action('delete', tgt_project=project, tgt_package=package, tgt_repository=repository)
r.description = _html_escape(opts.message) r.description = opts.message
if opts.accept_in_hours: if opts.accept_in_hours:
r.accept_at_in_hours(int(opts.accept_in_hours)) r.accept_at_in_hours(int(opts.accept_in_hours))
r.create(self.get_api_url()) r.create(self.get_api_url())
@ -2093,7 +2093,7 @@ Please submit there instead, or use --nodevelproject to force direct submission.
r = Request() r = Request()
r.add_action('change_devel', src_project=devel_project, src_package=devel_package, r.add_action('change_devel', src_project=devel_project, src_package=devel_package,
tgt_project=project, tgt_package=package) tgt_project=project, tgt_package=package)
r.description = _html_escape(opts.message) r.description = opts.message
r.create(self.get_api_url()) r.create(self.get_api_url())
print(r.reqid) print(r.reqid)
@ -2661,7 +2661,7 @@ Please submit there instead, or use --nodevelproject to force direct submission.
project, package) project, package)
msg = "%s (forwarded request %s from %s)" % (rq.description, reqid, rq.creator) msg = "%s (forwarded request %s from %s)" % (rq.description, reqid, rq.creator)
rid = create_submit_request(apiurl, action.tgt_project, action.tgt_package, rid = create_submit_request(apiurl, action.tgt_project, action.tgt_package,
project, package, _html_escape(msg)) project, package, msg)
print(msg) print(msg)
print("New request #", rid) print("New request #", rid)
for req in reqs: for req in reqs:
@ -3169,7 +3169,7 @@ Please submit there instead, or use --nodevelproject to force direct submission.
r.add_action('release', src_project=source_project, src_package=pac) r.add_action('release', src_project=source_project, src_package=pac)
else: else:
r.add_action('release', src_project=source_project) r.add_action('release', src_project=source_project)
r.description = _html_escape(opts.message) r.description = opts.message
r.create(apiurl) r.create(apiurl)
print(r.reqid) print(r.reqid)

View File

@ -4191,7 +4191,7 @@ def create_release_request(apiurl, src_project, message=''):
# api will complete the request # api will complete the request
r.add_action('maintenance_release', src_project=src_project) r.add_action('maintenance_release', src_project=src_project)
# XXX: clarify why we need the unicode(...) stuff # XXX: clarify why we need the unicode(...) stuff
r.description = _html_escape(unicode(message, 'utf8')) r.description = unicode(message, 'utf8')
r.create(apiurl) r.create(apiurl)
return r return r
@ -4204,7 +4204,7 @@ def create_maintenance_request(apiurl, src_project, src_packages, tgt_project, t
else: else:
r.add_action('maintenance_incident', src_project=src_project, tgt_project=tgt_project, tgt_releaseproject=tgt_releaseproject, opt_sourceupdate = opt_sourceupdate) r.add_action('maintenance_incident', src_project=src_project, tgt_project=tgt_project, tgt_releaseproject=tgt_releaseproject, opt_sourceupdate = opt_sourceupdate)
# XXX: clarify why we need the unicode(...) stuff # XXX: clarify why we need the unicode(...) stuff
r.description = _html_escape(unicode(message, 'utf8')) r.description = unicode(message, 'utf8')
r.create(apiurl, addrevision=True, enforce_branching=enforce_branching) r.create(apiurl, addrevision=True, enforce_branching=enforce_branching)
return r return r