j3d1/schickmacher
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

escape title correctly for use in css content property

Browse source
This commit is contained in:
j3d1 2019-11-13 16:20:22 +01:00
parent 769ad0a3b8
commit 896e7fd7d5
4 changed files with 22 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
schickmacher/renderer/templatetags/__init__.py Normal file
View file

8
schickmacher/renderer/templatetags/extra_filters.py Normal file
View file

@ -0,0 +1,8 @@
from django import template
import re
register = template.Library()
@register.filter
def escape_css_content(value):
return re.sub(r'''['"\n\\]''', lambda m: '\{:06X}'.format(ord(m.group())), value)

12
schickmacher/renderer/tests/test_extra_filters.py Normal file
View file

@ -0,0 +1,12 @@
from schickmacher.renderer.templatetags.extra_filters import escape_css_content
# we use the padded 6 digit css escape sequences
# https://www.w3.org/International/questions/qa-escapes
def test_css_content():
assert escape_css_content("head\"tail") == "head\\000022tail"
assert escape_css_content("head\'tail") == "head\\000027tail"
assert escape_css_content("head\\tail") == "head\\00005Ctail"
assert escape_css_content("head\ntail") == "head\\00000Atail"
assert escape_css_content("\"\"") == "\\000022\\000022"
assert escape_css_content("\\\\") == "\\00005C\\00005C"
assert escape_css_content("ABCD1234<li>") == "ABCD1234<li>"

4
schickmacher/templates/renderer/rendered.html
View file

@ -1,4 +1,4 @@
{% load static compress tz %}<!DOCTYPE html> {% load extra_filters %}{% load static compress tz %}<!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="UTF-8"> <meta charset="UTF-8">
@ -16,7 +16,7 @@
content: "{{ date | date:'d.m.Y' }}"; content: "{{ date | date:'d.m.Y' }}";
} }
@top-left { @top-left {
content: "{{ title }}" content: "{{ title | escape_css_content | safe }}"
} }
@top-right-corner { @top-right-corner {
} }