diff options
author | rakvat <rakvat@users.noreply.github.com> | 2020-05-08 17:25:03 +0200 |
---|---|---|
committer | rakvat <rakvat@users.noreply.github.com> | 2020-05-08 17:25:03 +0200 |
commit | 21a0e62915b4c1275a08a46631fad5376355b9df (patch) | |
tree | 58e51baf36196fad3440d6d4c8ad2c5aa76a00aa | |
parent | e90430bed2ba62a751bf43ff367576e84b9130f6 (diff) | |
download | pysaml2-21a0e62915b4c1275a08a46631fad5376355b9df.tar.gz |
fix escape not in cgi for newer pythons
-rwxr-xr-x | example/sp-wsgi/sp.py | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/example/sp-wsgi/sp.py b/example/sp-wsgi/sp.py index bec6747f..bd8a9578 100755 --- a/example/sp-wsgi/sp.py +++ b/example/sp-wsgi/sp.py @@ -2,7 +2,10 @@ from __future__ import print_function import argparse -import cgi +try: + import html +except: + import cgi as html import importlib import logging import os @@ -48,6 +51,9 @@ from saml2.s_utils import sid from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.samlp import Extensions +def _html_escape(payload): + return html.escape(payload, quote=True) + logger = logging.getLogger("") hdlr = logging.FileHandler("spx.log") base_formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s") @@ -699,7 +705,7 @@ def main(environ, start_response, sp): body = dict_to_table(user.data) body.append( "<br><pre>{authn_stmt}</pre>".format( - authn_stmt=cgi.escape(user.authn_statement) + authn_stmt=_html_escape(user.authn_statement) ) ) body.append("<br><a href='/logout'>logout</a>") |