I have a string where special characters like ' or " or & (...) can appear. In the string:
    string = """ Hello "XYZ" this 'is' a test & so on """
how can I automatically escape every special character, so that I get this:
    string = " Hello &quot;XYZ&quot; this &#39;is&#39; a test &amp; so on "
You must keep in mind that inside the <> is also HTML. In that case skipping > will break. If you're only escaping for between tags then you probably only need to escape < and &.
To insert characters that are illegal in a string, use an escape character. An escape character is a backslash \ followed by the character you want to insert.
In Python strings, the backslash "\" is a special character, also called the "escape" character. It is used in representing certain whitespace characters: "\t" is a tab, "\n" is a newline, and "\r" is a carriage return. Conversely, prefixing a special character with "\" turns it into an ordinary character.
In Python 3.2, you could use the html.escape function, e.g.
    >>> string = """ Hello "XYZ" this 'is' a test & so on """
    >>> import html
    >>> html.escape(string)
    ' Hello &quot;XYZ&quot; this &#x27;is&#x27; a test &amp; so on '
For earlier versions of Python, check http://wiki.python.org/moin/EscapingHtml:
The cgi module that comes with Python has an escape() function:
    import cgi
    s = cgi.escape( """& < >""" )   # s = "&amp; &lt; &gt;"
However, it doesn't escape characters beyond &, <, and >. If it is used as cgi.escape(string_to_escape, quote=True), it also escapes ".
Here's a small snippet that will let you escape quotes and apostrophes as well:
    html_escape_table = {
        "&": "&amp;",
        '"': "&quot;",
        "'": "&apos;",
        ">": "&gt;",
        "<": "&lt;",
    }

    def html_escape(text):
        """Produce entities within text."""
        return "".join(html_escape_table.get(c, c) for c in text)
You can also use escape() from xml.sax.saxutils to escape HTML. This function should execute faster. The unescape() function of the same module can be passed the same arguments to decode a string.
    from xml.sax.saxutils import escape, unescape

    # escape() and unescape() take care of &, < and >.
    html_escape_table = {
        '"': "&quot;",
        "'": "&apos;"
    }
    html_unescape_table = {v: k for k, v in html_escape_table.items()}

    def html_escape(text):
        return escape(text, html_escape_table)

    def html_unescape(text):
        return unescape(text, html_unescape_table)
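An added example (not part of the question or answers above) showing why the quote argument matters once the escaped string lands inside an attribute value: it renders the question's sample string into a double-quoted title attribute and parses the result back with the standard library's html.parser. The render_span template and the helper names are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser

# Sample input taken from the question on this page.
SAMPLE = """ Hello "XYZ" this 'is' a test & so on """


class AttrCollector(HTMLParser):
    """Record the attributes the parser sees on the first start tag."""

    def __init__(self):
        super().__init__()
        self.attrs = None

    def handle_starttag(self, tag, attrs):
        if self.attrs is None:
            self.attrs = dict(attrs)


def render_span(value, quote):
    """Place value in a double-quoted title attribute (hypothetical template)."""
    return '<span title="%s">x</span>' % html.escape(value, quote=quote)


def parsed_attrs(markup):
    """Parse markup and return the attribute dict of its first tag."""
    collector = AttrCollector()
    collector.feed(markup)
    collector.close()
    return collector.attrs


def survives_attribute(value, quote):
    """True if value comes back intact as the tag's only attribute."""
    return parsed_attrs(render_span(value, quote)) == {"title": value}


if __name__ == "__main__":
    for quote in (True, False):
        markup = render_span(SAMPLE, quote)
        print(quote, markup, parsed_attrs(markup), sep="\n  ")
```

With quote=False the first unescaped " closes the title value early and the rest of the string is parsed as extra attribute names, which is the breakage the comment about escaping only < and & between tags warns about.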