From 7d4222f5cb5c68c7902bf490e801b1a313d8cd97 Mon Sep 17 00:00:00 2001
From: Simon Pieters <zcorpan@gmail.com>
Date: Thu, 19 Nov 2015 14:29:05 +0100
Subject: [PATCH] HTML-escape " for {{GET[foo]}}

This makes it possible to use {{GET[foo]}} in attribute values.
---
 wptserve/pipes.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wptserve/pipes.py b/wptserve/pipes.py
index 3f1f1e4554c865..bc4b7bec3b1618 100644
--- a/wptserve/pipes.py
+++ b/wptserve/pipes.py
@@ -419,7 +419,7 @@ def config_replacement(match):
 
         #Should possibly support escaping for other contexts e.g. script
         #TODO: read the encoding of the response
-        return escape(unicode(value)).encode("utf-8")
+        return escape(unicode(value), quote=True).encode("utf-8")
 
     template_regexp = re.compile(r"{{([^}]*)}}")
     new_content, count = template_regexp.subn(config_replacement, content)