alternative attempt: unescape all entities

plone · Nov 22, 2023 · af8bb56 · af8bb56
1 parent 850b8a2
commit af8bb56
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/plone/app/content/browser/vocabulary.py b/plone/app/content/browser/vocabulary.py
@@ -1,5 +1,6 @@
 from AccessControl import getSecurityManager
 from Acquisition import aq_base
+from html import unescape
 from logging import getLogger
 from plone.app.content.utils import json_dumps
 from plone.app.content.utils import json_loads
@@ -260,8 +261,10 @@ def __call__(self):
         else:
             items = [
                 {
-                    "id": transform.scrub_html(item.value).replace("&amp;", "&"),
-                    "text": transform.scrub_html(item.title).replace("&amp;", "&") if item.title else "",
+                    "id": unescape(transform.scrub_html(item.value)),
+                    "text": unescape(transform.scrub_html(item.title))
+                    if item.title
+                    else "",
                 }
                 for item in results
             ]

diff --git a/plone/app/content/tests/test_widgets.py b/plone/app/content/tests/test_widgets.py
@@ -270,7 +270,7 @@ def testVocabularyEncoding(self):
         self.assertEqual(result["id"], test_val)
 
     def testVocabularyHtmlEntity(self):
-        """ The vocabulary token should not convert to htmlentities.
+        """The vocabulary token should not convert to htmlentities.
         See https://github.com/plone/Products.CMFPlone/issues/3874
         """
         test_val = "Question & Answer"