#2830: add html.escape() helper and move cgi.escape() uses in the standard library to it. It defaults to quote=True and also escapes single quotes, which makes casual use safer. The cgi.escape() interface is not touched, but emits a (silent) PendingDeprecationWarning.
diff --git a/Lib/test/test_html.py b/Lib/test/test_html.py
new file mode 100644
index 0000000..30dac58
--- /dev/null
+++ b/Lib/test/test_html.py
@@ -0,0 +1,24 @@
+"""
+Tests for the html module functions.
+"""
+
+import html
+import unittest
+from test.support import run_unittest
+
+
+class HtmlTests(unittest.TestCase):
+ def test_escape(self):
+ self.assertEqual(
+ html.escape('\'<script>"&foo;"</script>\''),
+ ''<script>"&foo;"</script>'')
+ self.assertEqual(
+ html.escape('\'<script>"&foo;"</script>\'', False),
+ '\'<script>"&foo;"</script>\'')
+
+
+def test_main():
+ run_unittest(HtmlTests)
+
+if __name__ == '__main__':
+ test_main()