| import typing as t |
| |
| from . import Markup |
| |
| |
| def escape(s: t.Any) -> Markup: |
| """Replace the characters ``&``, ``<``, ``>``, ``'``, and ``"`` in |
| the string with HTML-safe sequences. Use this if you need to display |
| text that might contain such characters in HTML. |
| |
| If the object has an ``__html__`` method, it is called and the |
| return value is assumed to already be safe for HTML. |
| |
| :param s: An object to be converted to a string and escaped. |
| :return: A :class:`Markup` string with the escaped text. |
| """ |
| if hasattr(s, "__html__"): |
| return Markup(s.__html__()) |
| |
| return Markup( |
| str(s) |
| .replace("&", "&") |
| .replace(">", ">") |
| .replace("<", "<") |
| .replace("'", "'") |
| .replace('"', """) |
| ) |
| |
| |
| def escape_silent(s: t.Optional[t.Any]) -> Markup: |
| """Like :func:`escape` but treats ``None`` as the empty string. |
| Useful with optional values, as otherwise you get the string |
| ``'None'`` when the value is ``None``. |
| |
| >>> escape(None) |
| Markup('None') |
| >>> escape_silent(None) |
| Markup('') |
| """ |
| if s is None: |
| return Markup() |
| |
| return escape(s) |
| |
| |
| def soft_str(s: t.Any) -> str: |
| """Convert an object to a string if it isn't already. This preserves |
| a :class:`Markup` string rather than converting it back to a basic |
| string, so it will still be marked as safe and won't be escaped |
| again. |
| |
| >>> value = escape("<User 1>") |
| >>> value |
| Markup('<User 1>') |
| >>> escape(str(value)) |
| Markup('&lt;User 1&gt;') |
| >>> escape(soft_str(value)) |
| Markup('<User 1>') |
| """ |
| if not isinstance(s, str): |
| return str(s) |
| |
| return s |