Method escape_value is not robust to encodings #2
Description
It uses str uniformly. This breaks with differing or broken unicode encodings. It also does uncessary replace operations when the argument is not a string. The following works better:
def escape_value(self, data):
if data is None:
return ''
if type(data) in (str,unicode):
data = data.encode(sys.getdefaultencoding(),"ignore")
data = data.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"')
else:
data = str(data)
return data