HTML-escape " for {{GET[foo]}}

This makes it possible to use {{GET[foo]}} in attribute values.
web-platform-tests · Nov 19, 2015 · 7d4222f · 7d4222f
1 parent b6b082f
commit 7d4222f
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/wptserve/pipes.py b/wptserve/pipes.py
@@ -419,7 +419,7 @@ def config_replacement(match):
 
         #Should possibly support escaping for other contexts e.g. script
         #TODO: read the encoding of the response
-        return escape(unicode(value)).encode("utf-8")
+        return escape(unicode(value), quote=True).encode("utf-8")
 
     template_regexp = re.compile(r"{{([^}]*)}}")
     new_content, count = template_regexp.subn(config_replacement, content)