# HG changeset patch
# User Sandrine Ribeau <sandrine.ribeau@logilab.fr>
# Date 1254779138 25200
#      Mon Oct 05 14:45:38 2009 -0700
# Node ID dbdedcedff5cfb7e484f44e54d5698863abb969e
# Parent  52afeac04d882f6f41ac82bf4d2f47b6cfbcda5d
[views] use xml_escape instead of html_escape

diff --git a/views.py b/views.py
--- a/views.py
+++ b/views.py
@@ -9,7 +9,7 @@
 
 from itertools import count
 
-from logilab.mtconverter import html_escape
+from logilab.mtconverter import xml_escape
 from logilab.common.decorators import monkeypatch
 
 from simplejson import dumps
@@ -24,7 +24,7 @@
 from cubicweb.web.action import LinkToEntityAction, Action
 from cubicweb.web.form import FormViewMixIn
 from cubicweb.web.formwidgets import Button
-from cubicweb.web.views import primary, baseviews
+from cubicweb.web.views import primary, baseviews, xmlrss
 from cubicweb.web.component import EntityVComponent
 from cubicweb.web.views.basecontrollers import JSonController
 
@@ -88,13 +88,13 @@
         entity = self.entity(row, col)
         root = entity.root()
         self.w(u'[<a href="%s">#%s</a>] '
-               % (html_escape(root.absolute_url()), root.eid))
+               % (xml_escape(root.absolute_url()), root.eid))
         maxsize = self.req.property_value('navigation.short-line-size')
         maxsize = maxsize - len(str(root.eid))
         content = entity.printable_value('content', format='text/plain')
-        content = html_escape(cut(content, maxsize))
+        content = xml_escape(cut(content, maxsize))
         self.w(u'<a href="%s">#%s <i>%s</i></a>\n' % (
-            html_escape(entity.absolute_url()), entity.eid, content))
+            xml_escape(entity.absolute_url()), entity.eid, content))
 
 
 class CommentTreeItemView(baseviews.ListItemView):
@@ -118,15 +118,15 @@
                 'comment%sHolder' % entity.eid, rql_for_eid(entity.eid),
                 'inlinecomment')
             reply = ' | %s <a href="%s"> %s </a>' % ( _login_register_link(self),
-                                                    html_escape(url),
-                                                    _(action.title))
+                                                      xml_escape(url),
+                                                      _(action.title))
         if editaction is None:
             edit = u''
         else:
             url = self.req.build_ajax_replace_url(
                 'comment%s' % entity.eid, rql_for_eid(entity.eid),
                 'editcomment')
-            edit = ' | <a href="%s">%s</a>' % (html_escape(url),
+            edit = ' | <a href="%s">%s</a>' % (xml_escape(url),
                                                _(editaction.title))
         text = entity.printable_value('content')
         if not kwargs.get('full'):