[Sugar-devel] [PATCH sugar 1/2] Escape all text passed to Palette.primary_text and .secondary_text
Sascha Silbe
silbe at activitycentral.com
Sun Jun 26 14:06:07 EDT 2011
sugar.graphics.palette.Palette passes primary_text and secondary_text through
to GTK without escaping it, so we need to make sure it doesn't contain
anything special in user data (activity title, bundle_id, nick name, etc.) or
translations.
Signed-off-by: Sascha Silbe <silbe at activitycentral.com>
---
extensions/deviceicon/network.py | 2 +-
src/jarabe/desktop/favoritesview.py | 4 +++-
src/jarabe/frame/activitiestray.py | 7 +++++--
src/jarabe/frame/clipboardmenu.py | 6 ++++--
src/jarabe/journal/palettes.py | 5 +++--
src/jarabe/view/buddymenu.py | 7 +++++--
src/jarabe/view/palettes.py | 23 +++++++++++++++--------
7 files changed, 36 insertions(+), 18 deletions(-)
diff --git a/extensions/deviceicon/network.py b/extensions/deviceicon/network.py
index 4c4f339..d6382c2 100644
--- a/extensions/deviceicon/network.py
+++ b/extensions/deviceicon/network.py
@@ -645,7 +645,7 @@ class OlpcMeshDeviceView(ToolButton):
def _update_text(self):
channel = str(self._channel)
- text = _('Mesh Network %s') % glib.markup_escape_text(channel)
+ text = glib.markup_escape_text(_('Mesh Network %s') % (channel, ))
self._palette.props.primary_text = text
def _update(self):
diff --git a/src/jarabe/desktop/favoritesview.py b/src/jarabe/desktop/favoritesview.py
index b609b1b..4778ef9 100644
--- a/src/jarabe/desktop/favoritesview.py
+++ b/src/jarabe/desktop/favoritesview.py
@@ -21,6 +21,7 @@ import math
import gobject
import gconf
+import glib
import gtk
import hippo
@@ -533,7 +534,8 @@ class FavoritePalette(ActivityPalette):
icon_size=gtk.ICON_SIZE_LARGE_TOOLBAR)
if journal_entries:
- self.props.secondary_text = journal_entries[0]['title']
+ title = journal_entries[0]['title']
+ self.props.secondary_text = glib.markup_escape_text(title)
menu_items = []
for entry in journal_entries:
diff --git a/src/jarabe/frame/activitiestray.py b/src/jarabe/frame/activitiestray.py
index 5445b49..cb8e255 100644
--- a/src/jarabe/frame/activitiestray.py
+++ b/src/jarabe/frame/activitiestray.py
@@ -24,6 +24,7 @@ import os
import gobject
import gconf
import gio
+import glib
import gtk
from sugar.graphics import style
@@ -185,9 +186,11 @@ class InvitePalette(Palette):
registry = bundleregistry.get_registry()
self._bundle = registry.get_bundle(bundle_id)
if self._bundle:
- self.set_primary_text(self._bundle.get_name())
+ name = self._bundle.get_name()
else:
- self.set_primary_text(bundle_id)
+ name = bundle_id
+
+ self.set_primary_text(glib.markup_escape_text(name))
def __join_activate_cb(self, menu_item):
self._invite.join()
diff --git a/src/jarabe/frame/clipboardmenu.py b/src/jarabe/frame/clipboardmenu.py
index d11538d..695b66e 100644
--- a/src/jarabe/frame/clipboardmenu.py
+++ b/src/jarabe/frame/clipboardmenu.py
@@ -20,6 +20,7 @@ import urlparse
import os
import logging
import gconf
+import glib
import gtk
@@ -160,10 +161,11 @@ class ClipboardMenu(Palette):
self._update()
def _update(self):
- self.props.primary_text = self._cb_object.get_name()
+ name = self._cb_object.get_name()
+ self.props.primary_text = glib.markup_escape_text(name)
preview = self._cb_object.get_preview()
if preview:
- self.props.secondary_text = preview
+ self.props.secondary_text = glib.markup_escape_text(preview)
self._update_progress_bar()
self._update_items_visibility()
self._update_open_submenu()
diff --git a/src/jarabe/journal/palettes.py b/src/jarabe/journal/palettes.py
index d40ec21..c0d1e0c 100644
--- a/src/jarabe/journal/palettes.py
+++ b/src/jarabe/journal/palettes.py
@@ -20,6 +20,7 @@ import logging
import gobject
import gtk
import gconf
+import glib
from sugar.graphics import style
from sugar.graphics.palette import Palette
@@ -56,7 +57,7 @@ class ObjectPalette(Palette):
if 'title' in metadata:
title = gobject.markup_escape_text(metadata['title'])
else:
- title = _('Untitled')
+ title = glib.markup_escape_text(_('Untitled'))
Palette.__init__(self, primary_text=title,
icon=activity_icon)
@@ -243,7 +244,7 @@ class BuddyPalette(Palette):
icon_size=style.STANDARD_ICON_SIZE,
xo_color=XoColor(colors))
- Palette.__init__(self, primary_text=nick,
+ Palette.__init__(self, primary_text=glib.markup_escape_text(nick),
icon=buddy_icon)
# TODO: Support actions on buddies, like make friend, invite, etc.
diff --git a/src/jarabe/view/buddymenu.py b/src/jarabe/view/buddymenu.py
index f824e70..de5a772 100644
--- a/src/jarabe/view/buddymenu.py
+++ b/src/jarabe/view/buddymenu.py
@@ -20,6 +20,7 @@ from gettext import gettext as _
import gtk
import gconf
+import glib
import dbus
from sugar.graphics.palette import Palette
@@ -40,7 +41,9 @@ class BuddyMenu(Palette):
buddy_icon = Icon(icon_name='computer-xo',
xo_color=buddy.get_color(),
icon_size=gtk.ICON_SIZE_LARGE_TOOLBAR)
- Palette.__init__(self, None, primary_text=buddy.get_nick(),
+ nick = buddy.get_nick()
+ Palette.__init__(self, None,
+ primary_text=glib.markup_escape_text(nick),
icon=buddy_icon)
self._invite_menu = None
self._active_activity_changed_hid = None
@@ -149,7 +152,7 @@ class BuddyMenu(Palette):
self._update_invite_menu(activity_model)
def __buddy_notify_nick_cb(self, buddy, pspec):
- self.set_primary_text(buddy.props.nick)
+ self.set_primary_text(glib.markup_escape_text(buddy.props.nick))
def _make_friend_cb(self, menuitem):
friends.get_model().make_friend(self._buddy)
diff --git a/src/jarabe/view/palettes.py b/src/jarabe/view/palettes.py
index d9c1f6b..70e17a8 100644
--- a/src/jarabe/view/palettes.py
+++ b/src/jarabe/view/palettes.py
@@ -20,6 +20,7 @@ from gettext import gettext as _
import logging
import gconf
+import glib
import gtk
from sugar import env
@@ -43,7 +44,7 @@ class BasePalette(Palette):
if home_activity.props.launch_status == shell.Activity.LAUNCHING:
self._notify_launch_hid = home_activity.connect( \
'notify::launch-status', self.__notify_launch_status_cb)
- self.set_primary_text(_('Starting...'))
+ self.set_primary_text(glib.markup_escape_text(_('Starting...')))
elif home_activity.props.launch_status == shell.Activity.LAUNCH_FAILED:
self._on_failed_launch()
else:
@@ -53,7 +54,8 @@ class BasePalette(Palette):
raise NotImplementedError
def _on_failed_launch(self):
- self.set_primary_text(_('Activity failed to start'))
+ message = _('Activity failed to start')
+ self.set_primary_text(glib.markup_escape_text(message))
def __notify_launch_status_cb(self, home_activity, pspec):
home_activity.disconnect(self._notify_launch_hid)
@@ -70,10 +72,12 @@ class CurrentActivityPalette(BasePalette):
BasePalette.__init__(self, home_activity)
def setup_palette(self):
- self.props.primary_text = self._home_activity.get_activity_name()
+ activity_name = self._home_activity.get_activity_name()
+ self.props.primary_text = glib.markup_escape_text(activity_name)
- if self._home_activity.get_title() != self.props.primary_text:
- self.props.secondary_text = self._home_activity.get_title()
+ title = self._home_activity.get_title()
+ if title != activity_name:
+ self.props.secondary_text = glib.markup_escape_text(title)
menu_item = MenuItem(_('Resume'), 'activity-start')
menu_item.connect('activate', self.__resume_activate_cb)
@@ -124,7 +128,8 @@ class ActivityPalette(Palette):
xo_color=color,
icon_size=gtk.ICON_SIZE_LARGE_TOOLBAR)
- Palette.__init__(self, primary_text=activity_info.get_name(),
+ name = activity_info.get_name()
+ Palette.__init__(self, primary_text=glib.markup_escape_text(name),
icon=activity_icon)
xo_color = XoColor('%s,%s' % (style.COLOR_WHITE.get_svg(),
@@ -152,7 +157,8 @@ class JournalPalette(BasePalette):
BasePalette.__init__(self, home_activity)
def setup_palette(self):
- self.set_primary_text(self._home_activity.get_title())
+ title = self._home_activity.get_title()
+ self.set_primary_text(glib.markup_escape_text(title))
vbox = gtk.VBox()
self.set_content(vbox)
@@ -200,7 +206,8 @@ class VolumePalette(Palette):
Palette.__init__(self, label=mount.get_name())
self._mount = mount
- self.props.secondary_text = mount.get_root().get_path()
+ path = mount.get_root().get_path()
+ self.props.secondary_text = glib.markup_escape_text(path)
vbox = gtk.VBox()
self.set_content(vbox)
--
1.7.2.5
More information about the Sugar-devel
mailing list