Главная Обзор Помощь
Вход
SMusatov
/
ydb
зеркало из https://github.com/ydb-platform/ydb.git
1
0
Ответвить 0
Файлы
Дерево: 5759d6f69e
Ветки Метки
ydb
/
contrib
/
python
/
MarkupSafe
/
py2
/
README.rst

README.rst 2.1 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. MarkupSafe
    2. 

  2. ==========
    3. 

  3. 

  4. MarkupSafe implements a text object that escapes characters so it is
    5. 

  5. safe to use in HTML and XML. Characters that have special meanings are
    6. 

  6. replaced so that they display as the actual characters. This mitigates
    7. 

  7. injection attacks, meaning untrusted user input can safely be displayed
    8. 

  8. on a page.
    9. 

  9. 

  10. 

  11. Installing
    12. 

  12. ----------
    13. 

  13. 

  14. Install and update using `pip`_:
    15. 

  15. 

  16. .. code-block:: text
    17. 

  17. 

  18.     pip install -U MarkupSafe
    19. 

  19. 

  20. .. _pip: https://pip.pypa.io/en/stable/quickstart/
    21. 

  21. 

  22. 

  23. Examples
    24. 

  24. --------
    25. 

  25. 

  26. .. code-block:: pycon
    27. 

  27. 

  28.     >>> from markupsafe import Markup, escape
    29. 

  29.     >>> # escape replaces special characters and wraps in Markup
    30. 

  30.     >>> escape('<script>alert(document.cookie);</script>')
    31. 

  31.     Markup(u'&lt;script&gt;alert(document.cookie);&lt;/script&gt;')
    32. 

  32.     >>> # wrap in Markup to mark text "safe" and prevent escaping
    33. 

  33.     >>> Markup('<strong>Hello</strong>')
    34. 

  34.     Markup('<strong>hello</strong>')
    35. 

  35.     >>> escape(Markup('<strong>Hello</strong>'))
    36. 

  36.     Markup('<strong>hello</strong>')
    37. 

  37.     >>> # Markup is a text subclass (str on Python 3, unicode on Python 2)
    38. 

  38.     >>> # methods and operators escape their arguments
    39. 

  39.     >>> template = Markup("Hello <em>%s</em>")
    40. 

  40.     >>> template % '"World"'
    41. 

  41.     Markup('Hello <em>&#34;World&#34;</em>')
    42. 

  42. 

  43. 

  44. Donate
    45. 

  45. ------
    46. 

  46. 

  47. The Pallets organization develops and supports MarkupSafe and other
    48. 

  48. libraries that use it. In order to grow the community of contributors
    49. 

  49. and users, and allow the maintainers to devote more time to the
    50. 

  50. projects, `please donate today`_.
    51. 

  51. 

  52. .. _please donate today: https://palletsprojects.com/donate
    53. 

  53. 

  54. 

  55. Links
    56. 

  56. -----
    57. 

  57. 

  58. *   Website: https://palletsprojects.com/p/markupsafe/
    59. 

  59. *   Documentation: https://markupsafe.palletsprojects.com/
    60. 

  60. *   License: `BSD-3-Clause <https://github.com/pallets/markupsafe/blob/master/LICENSE.rst>`_
    61. 

  61. *   Releases: https://pypi.org/project/MarkupSafe/
    62. 

  62. *   Code: https://github.com/pallets/markupsafe
    63. 

  63. *   Issue tracker: https://github.com/pallets/markupsafe/issues
    64. 

  64. *   Test status:
    65. 

  65. 

  66.     *   Linux, Mac: https://travis-ci.org/pallets/markupsafe
    67. 

  67.     *   Windows: https://ci.appveyor.com/project/pallets/markupsafe
    68. 

  68. 

  69. *   Test coverage: https://codecov.io/gh/pallets/markupsafe
    70.