Python Input Sanitization

Question

I need to do some very quick-n-dirty input sanitizing and I would like to basically convert all <, > to <, >.

I'd like to achieve the same results as '<script></script>'.replace('<', '&lt;').replace('>', '&gt;') without having to iterate the string multiple times. I know about maketrans in conjunction with str.translate (ie. http://www.tutorialspoint.com/python/string_translate.htm) but this only converts from 1 char to another char. In other words, one cannot do something like:

inList = '<>'
outList = ['&lt;', '&gt;']
transform = maketrans(inList, outList)

Is there a builtin function that can do this conversion in a single iteration?

I'd like to use builtin capabilities as opposed to external modules. I already know about Bleach.

Answer 1

Use html.escape() - cgi.escape() is deprecated in Python 3

import html
input = '<>&'
output = html.escape(input)
print(output)

&lt;&gt;&amp;