5 * This module implements functions for automatic escaping in C for better
6 * performance. Additionally it defines a `tb_set_next` function to patch the
7 * debug traceback. If the speedups module is not compiled a ctypes
8 * implementation of `tb_set_next` and Python implementations of the other
11 * :copyright: (c) 2009 by the Jinja Team.
17 #define ESCAPED_CHARS_TABLE_SIZE 63
18 #define UNICHR(x) (((PyUnicodeObject*)PyUnicode_DecodeASCII(x, strlen(x), NULL))->str);
20 #if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN)
21 typedef int Py_ssize_t;
22 #define PY_SSIZE_T_MAX INT_MAX
23 #define PY_SSIZE_T_MIN INT_MIN
27 static PyObject* markup;
28 static Py_ssize_t escaped_chars_delta_len[ESCAPED_CHARS_TABLE_SIZE];
29 static Py_UNICODE *escaped_chars_repl[ESCAPED_CHARS_TABLE_SIZE];
35 /* happing of characters to replace */
36 escaped_chars_repl['"'] = UNICHR(""");
37 escaped_chars_repl['\''] = UNICHR("'");
38 escaped_chars_repl['&'] = UNICHR("&");
39 escaped_chars_repl['<'] = UNICHR("<");
40 escaped_chars_repl['>'] = UNICHR(">");
42 /* lengths of those characters when replaced - 1 */
43 memset(escaped_chars_delta_len, 0, sizeof (escaped_chars_delta_len));
44 escaped_chars_delta_len['"'] = escaped_chars_delta_len['\''] = \
45 escaped_chars_delta_len['&'] = 4;
46 escaped_chars_delta_len['<'] = escaped_chars_delta_len['>'] = 3;
48 /* import markup type so that we can mark the return value */
49 module = PyImport_ImportModule("jinja2.utils");
52 markup = PyObject_GetAttrString(module, "Markup");
59 escape_unicode(PyUnicodeObject *in)
62 Py_UNICODE *inp = in->str;
63 const Py_UNICODE *inp_end = in->str + in->length;
64 Py_UNICODE *next_escp;
66 Py_ssize_t delta=0, erepl=0, delta_len=0;
68 /* First we need to figure out how long the escaped string will be */
69 while (*(inp) || inp < inp_end) {
70 if (*inp < ESCAPED_CHARS_TABLE_SIZE && escaped_chars_delta_len[*inp]) {
71 delta += escaped_chars_delta_len[*inp];
77 /* Do we need to escape anything at all? */
83 out = (PyUnicodeObject*)PyUnicode_FromUnicode(NULL, in->length + delta);
90 /* look for the next substitution */
92 while (next_escp < inp_end) {
93 if (*next_escp < ESCAPED_CHARS_TABLE_SIZE &&
94 (delta_len = escaped_chars_delta_len[*next_escp])) {
101 if (next_escp > inp) {
102 /* copy unescaped chars between inp and next_escp */
103 Py_UNICODE_COPY(outp, inp, next_escp-inp);
104 outp += next_escp - inp;
107 /* escape 'next_escp' */
108 Py_UNICODE_COPY(outp, escaped_chars_repl[*next_escp], delta_len);
114 Py_UNICODE_COPY(outp, inp, in->length - (inp - in->str));
116 return (PyObject*)out;
121 escape(PyObject *self, PyObject *text)
123 PyObject *s = NULL, *rv = NULL, *html;
125 /* we don't have to escape integers, bools or floats */
126 if (PyInt_CheckExact(text) || PyLong_CheckExact(text) ||
127 PyFloat_CheckExact(text) || PyBool_Check(text) ||
129 return PyObject_CallFunctionObjArgs(markup, text, NULL);
131 /* if the object has an __html__ method that performs the escaping */
132 html = PyObject_GetAttrString(text, "__html__");
134 rv = PyObject_CallObject(html, NULL);
139 /* otherwise make the object unicode if it isn't, then escape */
141 if (!PyUnicode_Check(text)) {
142 PyObject *unicode = PyObject_Unicode(text);
145 s = escape_unicode((PyUnicodeObject*)unicode);
149 s = escape_unicode((PyUnicodeObject*)text);
151 /* convert the unicode string into a markup object. */
152 rv = PyObject_CallFunctionObjArgs(markup, (PyObject*)s, NULL);
159 soft_unicode(PyObject *self, PyObject *s)
161 if (!PyUnicode_Check(s))
162 return PyObject_Unicode(s);
169 tb_set_next(PyObject *self, PyObject *args)
171 PyTracebackObject *tb, *old;
174 if (!PyArg_ParseTuple(args, "O!O:tb_set_next", &PyTraceBack_Type, &tb, &next))
178 else if (!PyTraceBack_Check(next)) {
179 PyErr_SetString(PyExc_TypeError,
180 "tb_set_next arg 2 must be traceback or None");
187 tb->tb_next = (PyTracebackObject*)next;
195 static PyMethodDef module_methods[] = {
196 {"escape", (PyCFunction)escape, METH_O,
197 "escape(s) -> markup\n\n"
198 "Convert the characters &, <, >, ', and \" in string s to HTML-safe\n"
199 "sequences. Use this if you need to display text that might contain\n"
200 "such characters in HTML. Marks return value as markup string."},
201 {"soft_unicode", (PyCFunction)soft_unicode, METH_O,
202 "soft_unicode(object) -> string\n\n"
203 "Make a string unicode if it isn't already. That way a markup\n"
204 "string is not converted back to unicode."},
205 {"tb_set_next", (PyCFunction)tb_set_next, METH_VARARGS,
206 "Set the tb_next member of a traceback object."},
207 {NULL, NULL, 0, NULL} /* Sentinel */
211 #ifndef PyMODINIT_FUNC /* declarations for DLL import/export */
212 #define PyMODINIT_FUNC void
217 if (!init_constants())
220 Py_InitModule3("jinja2._speedups", module_methods, "");