From c439355c1acdf9e8cd59e5bfdcbcb49a4fb1d72c Mon Sep 17 00:00:00 2001
From: mdipierro <massimo.dipierro@gmail.com>
Date: Sun, 24 Feb 2019 02:10:19 -0800
Subject: [PATCH] removed duplicate function local_html_escape

---
 gluon/highlight.py | 14 +++++++-------
 gluon/html.py      |  8 +++++---
 gluon/languages.py |  9 ++++-----
 gluon/utils.py     | 25 -------------------------
 4 files changed, 16 insertions(+), 40 deletions(-)

diff --git a/gluon/highlight.py b/gluon/highlight.py
index 48c75145..d40b2ac9 100644
--- a/gluon/highlight.py
+++ b/gluon/highlight.py
@@ -7,8 +7,8 @@
 | License: LGPLv3 (http://www.gnu.org/licenses/lgpl.html)
 """
 
-from gluon._compat import xrange
-from gluon.utils import local_html_escape
+from pydal._compat import xrange
+from yatl.sanitizer import xmlescape
 import re
 
 __all__ = ['highlight']
@@ -63,7 +63,7 @@ class Highlighter(object):
         Callback for C specific highlighting.
         """
 
-        value = local_html_escape(match.group(), quote=False)
+        value = xmlescape(match.group(), quote=False)
         self.change_style(token, style)
         self.output.append(value)
 
@@ -77,7 +77,7 @@ class Highlighter(object):
         Callback for python specific highlighting.
         """
 
-        value = local_html_escape(match.group(), quote=False)
+        value = xmlescape(match.group(), quote=False)
         if token == 'MULTILINESTRING':
             self.change_style(token, style)
             self.output.append(value)
@@ -114,7 +114,7 @@ class Highlighter(object):
         Callback for HTML specific highlighting.
         """
 
-        value = local_html_escape(match.group(), quote=False)
+        value = xmlespace(match.group(), quote=False)
         self.change_style(token, style)
         self.output.append(value)
         if token == 'GOTOPYTHON':
@@ -286,13 +286,13 @@ color: #A0A0A0;
                                          'WEB2PY']:
         code = Highlighter(language, link, styles).highlight(code)
     else:
-        code = local_html_escape(code, quote=False)
+        code = xmlespace(code, quote=False)
     lines = code.split('\n')
 
     if counter is None:
         linenumbers = [''] * len(lines)
     elif isinstance(counter, str):
-        linenumbers = [local_html_escape(counter, quote=False)] * len(lines)
+        linenumbers = [xmlespace(counter, quote=False)] * len(lines)
     else:
         linenumbers = [str(i + counter) + '.' for i in
                        xrange(len(lines))]
diff --git a/gluon/html.py b/gluon/html.py
index 6fde94d9..a314a480 100644
--- a/gluon/html.py
+++ b/gluon/html.py
@@ -17,18 +17,20 @@ import copy
 import types
 import urllib
 import base64
-from gluon import sanitizer, decoder
 import itertools
-from gluon._compat import reduce, pickle, copyreg, HTMLParser, name2codepoint, iteritems, unichr, unicodeT, \
+from pydal._compat import reduce, pickle, copyreg, HTMLParser, name2codepoint, iteritems, unichr, unicodeT, \
     urllib_quote, to_bytes, to_native, to_unicode, basestring, urlencode, implements_bool, text_type, long
-from gluon.utils import local_html_escape
+from yatl import sanitizer
 import marshal
 
+from gluon import decoder
 from gluon.storage import Storage
 from gluon.utils import web2py_uuid, simple_hash, compare
 from gluon.highlight import highlight
 
 
+local_html_escape = lambda text, quote=False: sanitizer.xmlescape(text, quote, colon=False)
+
 regex_crlf = re.compile('\r|\n')
 
 join = ''.join
diff --git a/gluon/languages.py b/gluon/languages.py
index 2ed0ed61..78215c05 100644
--- a/gluon/languages.py
+++ b/gluon/languages.py
@@ -19,12 +19,11 @@ import logging
 from cgi import escape
 from threading import RLock
 
-from gluon.utils import local_html_escape
-
-from gluon._compat import copyreg, PY2, maketrans, iterkeys, unicodeT, to_unicode, to_bytes, iteritems, to_native, pjoin
-
+from pydal._compat import copyreg, PY2, maketrans, iterkeys, unicodeT, to_unicode, to_bytes, iteritems, to_native, pjoin
 from pydal.contrib.portalocker import read_locked, LockedFile
 
+from yatl.sanitizer import xmlescape
+
 from gluon.fileutils import listdir
 from gluon.cfs import getcfs
 from gluon.html import XML, xmlescape
@@ -428,7 +427,7 @@ class lazyT(object):
         return len(str(self))
 
     def xml(self):
-        return str(self) if self.M else local_html_escape(str(self), quote=False)
+        return str(self) if self.M else xmlescape(str(self), quote=False)
 
     def encode(self, *a, **b):
         if PY2 and a[0] != 'utf8':
diff --git a/gluon/utils.py b/gluon/utils.py
index c3e5207f..70d78dbd 100644
--- a/gluon/utils.py
+++ b/gluon/utils.py
@@ -439,31 +439,6 @@ def getipaddrinfo(host):
         return []
 
 
-def local_html_escape(data, quote=False):
-    """
-    Works with bytes.
-    Replace special characters "&", "<" and ">" to HTML-safe sequences.
-    If the optional flag quote is true (the default), the quotation mark
-    characters, both double quote (") and single quote (') characters are also
-    translated.
-    """
-    if PY2:
-        import cgi
-        data = cgi.escape(data, quote)
-        return data.replace("'", "&#x27;") if quote else data
-    else:
-        import html
-        if isinstance(data, str):
-            return html.escape(data, quote=quote)
-        data = data.replace(b"&", b"&amp;")  # Must be done first!
-        data = data.replace(b"<", b"&lt;")
-        data = data.replace(b">", b"&gt;")
-        if quote:
-            data = data.replace(b'"', b"&quot;")
-            data = data.replace(b'\'', b"&#x27;")
-        return data
-
-
 def unlocalised_http_header_date(data):
     """
     Converts input datetime to format defined by RFC 7231, section 7.1.1.1