joepie91/emailparser
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Escape special characters in HTML

Browse source
This commit is contained in:
Sven Slootweg 2012-05-27 13:52:24 +02:00
parent 15d8ab11ce
commit d7f1a35ba5
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
render
View file

@ -22,6 +22,9 @@ parser.add_argument('-a', dest='attachment_dir', action='store', default='attach
args = parser.parse_args()
options = vars(args)
def escape_html_chars(text):
return text.replace("&", "&amp;").replace('"', "&quot;").replace("<", "&lt;").replace(">", "&gt;")
if os.path.isfile(options['database']) == False:
print "Database file not found. Use the -d switch to specify a custom database path."
exit(1)
@ -41,6 +44,11 @@ except OSError:
for message_id, sender, recipient, subject, timestamp, textbody, htmlbody, sha1_hash in cursor.execute("SELECT * FROM emails"):
sender = escape_html_chars(sender)
recipient = escape_html_chars(recipient)
subject = escape_html_chars(subject)
message_id = escape_html_chars(message_id)
versions = {}
if textbody != "":