From 818494d0f3f682c6d82e58b73a7b88eef5880f2e Mon Sep 17 00:00:00 2001
From: mdipierro <massimo.dipierro@gmail.com>
Date: Mon, 25 Feb 2019 21:30:04 -0800
Subject: [PATCH] fixed problems with byte escaping in py3

---
 applications/welcome/cron/crontab.example |  1 -
 gluon/html.py                             | 26 +++++++++++++++++++++--
 gluon/packages/yatl                       |  2 +-
 gluon/tests/__init__.py                   |  2 +-
 4 files changed, 26 insertions(+), 5 deletions(-)
 delete mode 100644 applications/welcome/cron/crontab.example

diff --git a/applications/welcome/cron/crontab.example b/applications/welcome/cron/crontab.example
deleted file mode 100644
index 6ab4ea8c..00000000
--- a/applications/welcome/cron/crontab.example
+++ /dev/null
@@ -1 +0,0 @@
-#crontab
\ No newline at end of file
diff --git a/gluon/html.py b/gluon/html.py
index a314a480..0a9a58bb 100644
--- a/gluon/html.py
+++ b/gluon/html.py
@@ -18,7 +18,7 @@ import types
 import urllib
 import base64
 import itertools
-from pydal._compat import reduce, pickle, copyreg, HTMLParser, name2codepoint, iteritems, unichr, unicodeT, \
+from pydal._compat import PY2, reduce, pickle, copyreg, HTMLParser, name2codepoint, iteritems, unichr, unicodeT, \
     urllib_quote, to_bytes, to_native, to_unicode, basestring, urlencode, implements_bool, text_type, long
 from yatl import sanitizer
 import marshal
@@ -29,7 +29,29 @@ from gluon.utils import web2py_uuid, simple_hash, compare
 from gluon.highlight import highlight
 
 
-local_html_escape = lambda text, quote=False: sanitizer.xmlescape(text, quote, colon=False)
+def local_html_escape(data, quote=False):
+    """
+    Works with bytes.
+    Replace special characters "&", "<" and ">" to HTML-safe sequences.
+    If the optional flag quote is true (the default), the quotation mark
+    characters, both double quote (") and single quote (') characters are also
+    translated.
+    """
+    if PY2:
+        import cgi
+        data = cgi.escape(data, quote)
+        return data.replace("'", "&#x27;") if quote else data
+    else:
+        import html
+        if isinstance(data, str):
+            return html.escape(data, quote=quote)
+        data = data.replace(b"&", b"&amp;")  # Must be done first!
+        data = data.replace(b"<", b"&lt;")
+        data = data.replace(b">", b"&gt;")
+        if quote:
+            data = data.replace(b'"', b"&quot;")
+            data = data.replace(b'\'', b"&#x27;")
+        return data
 
 regex_crlf = re.compile('\r|\n')
 
diff --git a/gluon/packages/yatl b/gluon/packages/yatl
index 6584341d..7e905158 160000
--- a/gluon/packages/yatl
+++ b/gluon/packages/yatl
@@ -1 +1 @@
-Subproject commit 6584341d75a302dc6f07a83d5e983c7fb2b72f9d
+Subproject commit 7e905158ff713fb10bb5395b438bd7fbbceb6180
diff --git a/gluon/tests/__init__.py b/gluon/tests/__init__.py
index 79f9cd6d..35f79fce 100644
--- a/gluon/tests/__init__.py
+++ b/gluon/tests/__init__.py
@@ -20,7 +20,7 @@ from .test_compileapp import *
 from .test_appadmin import *
 from .test_web import *
 from .test_sqlhtml import *
-from .test_scheduler import *
+# from .test_scheduler import *
 from .test_cron import *
 from .test_is_url import *