From 33d5569c3be71f615778ecc415c60f7ff92cc7d0 Mon Sep 17 00:00:00 2001
From: Loris TICHADOU <loris.tichadou@ensiie.fr>
Date: Wed, 7 Aug 2019 14:16:27 +0200
Subject: [PATCH] Update quizz.py

---
 quizz.py | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/quizz.py b/quizz.py
index e23c2da..f3cdd5a 100644
--- a/quizz.py
+++ b/quizz.py
@@ -3,19 +3,25 @@ import urllib
 
 from random import shuffle
 
+def escape(html):
+    """Returns the given HTML with ampersands, quotes and carets encoded."""
+    return mark_safe(force_unicode(html).replace('&', '&amp;').replace('<', '&l
+t;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&#39;'))
+
+
 def quizz() : 
         req = requests.get("https://opentdb.com/api.php?amount=1&difficulty=easy")
         al = req.json()
         pas_reponse = []
         rep= al['results'][0]
 
-        question = urllib.unquote(rep['question'])
-        reponse= urllib.unquote(rep['correct_answer'])
+        question = escape(rep['question'])
+        reponse= escape(rep['correct_answer'])
         choix = [reponse.encode('utf8')]
         for f in rep['incorrect_answers'] :
-                urllib.unquote(f)
-                pas_reponse.append(f.encode('utf8'))
-                choix.append(f.encode('utf8'))
+                
+                pas_reponse.append(escape(f).encode('utf8'))
+                choix.append(escape(f).encode('utf8'))
         shuffle(choix)
         return {'question' : question.encode('utf8'), 'reponse' : reponse.encode('utf8'), 'choix' : choix, 'pas_reponse' : pas_reponse }      
 
-- 
GitLab