Index: trunk/packages/sipb-xen-www/code/main.py
===================================================================
--- trunk/packages/sipb-xen-www/code/main.py	(revision 446)
+++ trunk/packages/sipb-xen-www/code/main.py	(revision 447)
@@ -12,4 +12,5 @@
 import sys
 import time
+import urllib
 from StringIO import StringIO
 
@@ -59,10 +60,13 @@
 checkpoint = Checkpoint()
 
+def jquote(string):
+    return "'" + string.replace('\\', '\\\\').replace("'", "\\'").replace('\n', '\\n') + "'"
 
 def helppopup(subj):
     """Return HTML code for a (?) link to a specified help topic"""
-    return ('<span class="helplink"><a href="help?subject=' + subj +
-            '&amp;simple=true" target="_blank" ' +
-            'onclick="return helppopup(\'' + subj + '\')">(?)</a></span>')
+    return ('<span class="helplink"><a href="help?' +
+            cgi.escape(urllib.urlencode(dict(subject=subj, simple='true')))
+            +'" target="_blank" ' +
+            'onclick="return helppopup(' + cgi.escape(jquote(subj)) + ')">(?)</a></span>')
 
 def makeErrorPre(old, addition):
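Review bot: In `helppopup`, `cgi.escape(jquote(subj))` is written into a double-quoted `onclick` attribute, but `cgi.escape` leaves `"` untouched unless its second argument is true, so a subject containing a double quote would still end the attribute early. Passing the flag closes that gap: `'onclick="return helppopup(' + cgi.escape(jquote(subj), True) + ')">(?)</a></span>')`. `jquote` also leaves `\r` unescaped, which is a line terminator inside a JavaScript string literal; chaining `.replace('\r', '\\r')` and adding a docstring such as `"""Return string as a single-quoted JavaScript string literal."""` would complete it. The callers visible in this commit pass fixed topic names, so this is hardening for future callers rather than a demonstrated hole. The hunk shows no `import cgi`, so that import is assumed to sit above it.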
Index: trunk/packages/sipb-xen-www/code/templates/functions.tmpl
===================================================================
--- trunk/packages/sipb-xen-www/code/templates/functions.tmpl	(revision 446)
+++ trunk/packages/sipb-xen-www/code/templates/functions.tmpl	(revision 447)
@@ -1,2 +1,3 @@
+#filter WebSafe
 #def databaseList($lst, $default, $onchange, $name, $id, $valueattr, $descattr)
 <select name="$name" id="$id"#slurp
@@ -19,12 +20,15 @@
 
 #def cdromList($default="", $onchange=None)
+#filter None
 $databaseList(sorted($sipb_xen_database.CDROM.select(), key=lambda x: x.description),
               default, onchange, 'cdrom', 'cdromlist', 'cdrom_id', 'description')
+#end filter
 #end def
 
 #def autoList($default="", $onchange=None)
+#filter None
 $databaseList(sorted($sipb_xen_database.Autoinstall.select(), key=lambda x: x.description),
               default, onchange, 'autoinstall', 'autoinstalllist', 'autoinstall_id', 'description')
-## $databaseList(autos, default, onchange, 'autoinstall', 'autoinstalllist', 'autoinstall_id', 'description')
+#end filter
 #end def
 
@@ -54,4 +58,6 @@
 #end if
 #end def
-
+#filter None
 $full_body
+#end filter
+#end filter
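Review bot: The two consecutive `#end filter` lines that close this file are easy to misread as an accidental duplicate, because the second one closes the file-wide `#filter WebSafe` opened on the first line, far from here. A Cheetah comment on it, e.g. `## closes the #filter WebSafe opened at the top of the file`, would keep a later cleanup from deleting it. The commit also appears to establish a convention that each `#def` escapes its own placeholders and that callers invoke it under `#filter None` to avoid double escaping. If so, a short comment next to the opening `#filter WebSafe` should say so.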
Index: trunk/packages/sipb-xen-www/code/templates/info.tmpl
===================================================================
--- trunk/packages/sipb-xen-www/code/templates/info.tmpl	(revision 446)
+++ trunk/packages/sipb-xen-www/code/templates/info.tmpl	(revision 447)
@@ -41,5 +41,9 @@
 	#end if
       <td>Boot CD:</td>
-      <td>$cdromList()</td>
+      <td>#slurp
+#filter None
+$cdromList()#slurp
+#end filter
+</td>
   </tr>
     <tr>
@@ -62,25 +66,55 @@
   <input type="hidden" name="machine_id" value="$defaults.machine_id"/>
   <table>
-    <tr><td>Owner${helppopup("owner")}:</td><td><input type="text" name="owner", value="$defaults.owner"/></td></tr>
+    <tr><td>Owner#slurp
+#filter None
+$helppopup("owner")#slurp
+#end filter
+:</td><td><input type="text" name="owner", value="$defaults.owner"/></td></tr>
+#filter None
 $errorRow('owner', $err)
-    <tr><td>Administrator${helppopup("administrator")}:</td><td><input type="text" name="administrator", value="$defaults.administrator"/></td></tr>
+#end filter
+    <tr><td>Administrator#slurp
+#filter None
+$helppopup("administrator")#slurp
+#end filter
+:</td><td><input type="text" name="administrator", value="$defaults.administrator"/></td></tr>
+#filter None
 $errorRow('administrator', $err)
+#end filter
     <tr><td>Contact email:</td><td><input type="text" name="contact" value="$defaults.contact"/></td></tr>
+#filter None
 $errorRow('contact', $err)
+#end filter
 #if not $on
     <tr><td>Machine Name:</td><td><input type="text" name="name" value="$defaults.name"/></td></tr>
+#filter None
 $errorRow('name', $err)
+#end filter
     <tr>
-      <td>HVM/ParaVM$helppopup('hvm_paravm')</td>
-      <td>$vmTypeList($defaults.type)</td>
+      <td>HVM/ParaVM#slurp
+#filter None
+$helppopup('hvm_paravm')#slurp
+#end filter
+</td>
+      <td>#slurp
+#filter None
+$vmTypeList($defaults.type)#slurp
+#end filter
+</td>
     </tr>
     <tr><td>Ram:</td><td><input type="text" size=3 name="memory" value="$defaults.memory"/>MiB (max $max_mem)</td></tr>
+#filter None
 $errorRow('memory', $err)
+#end filter
     <tr><td>Disk:</td><td><input type="text" size=3 name="disk" value="$defaults.disk"/>GiB (max $max_disk)</td><td>WARNING: Modifying disk size may corrupt your data.</td></tr>
+#filter None
 $errorRow('disk', $err)
+#end filter
 #else
+#filter None
 $errorRow('name', $err)
 $errorRow('memory', $err)
 $errorRow('disk', $err)
+#end filter
 #end if
     <tr><td><input type="submit" class="button" name="action" value="Change"/></td></tr>
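Review bot: The `value="$defaults.owner"`, `value="$defaults.administrator"`, `value="$defaults.contact"` and `value="$defaults.name"` placeholders sit inside double-quoted attributes, and as far as I know Cheetah's `WebSafe` filter escapes only `&`, `<` and `>` by default, so a `"` in one of these form fields would still close the attribute. `WebSafe` accepts an `also` argument for extra characters; escaping the double quote on attribute placeholders, or in the code that builds `defaults`, would cover this context. The same applies to the `value="$defaults.…"` inputs in list.tmpl and to `name="$name" id="$id"` in functions.tmpl. Separately, the rewritten owner and administrator rows keep a stray comma, `name="owner", value=`, which is invalid markup and could be dropped while these lines are being touched.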
@@ -91,14 +125,20 @@
 #def body
 <div id="info">
+#filter None
   $infoTable()
+#end filter
 </div>
 
 <h2>Commands</h2>
 <div id="commands">
+#filter None
   $commands()
+#end filter
 </div>
 <h2>Settings</h2>
 <div id="modify">
+#filter None
   $modifyForm()
+#end filter
 </div>
 #end def
Index: trunk/packages/sipb-xen-www/code/templates/list.tmpl
===================================================================
--- trunk/packages/sipb-xen-www/code/templates/list.tmpl	(revision 446)
+++ trunk/packages/sipb-xen-www/code/templates/list.tmpl	(revision 447)
@@ -20,34 +20,63 @@
     <input type="hidden" name="back" value="list"/>
       <table>
+#filter None
       $errorRow('create', $err)
+#end filter
 	<tr>
 	  <td>Name</td>
 	  <td><input type="text" name="name" value="$defaults.name"/></td>
 	</tr>
+#filter None
 $errorRow('name', $err)
+#end filter
 	<tr>
 	  <td>Memory</td>
 	  <td><input type="text" name="memory" value="$defaults.memory" size=3/> MiB ($max_memory max)</td>
 	</tr>
+#filter None
 $errorRow('memory', $err)
+#end filter
 	<tr>
 	  <td>Disk</td>
 	  <td><input type="text" name="disk" value="$defaults.disk" size=3/> GiB (${"%0.1f" % ($max_disk-0.05)} max)</td>
 	</tr>
+#filter None
 $errorRow('disk', $err)
+#end filter
         <tr>
-          <td>HVM/ParaVM$helppopup('hvm_paravm')</td>
-          <td>$vmTypeList($defaults.type)</td>
+          <td>HVM/ParaVM#slurp
+#filter None
+$helppopup('hvm_paravm')#slurp
+#end filter
+</td>
+          <td>
+#filter None
+$vmTypeList($defaults.type)
+#end filter
+</td>
         </tr>
+#filter None
 $errorRow('vmtype', $err)
+#end filter
 	<tr>
-	  <td>Autoinstall$helppopup('autoinstall')</td>
-	  <td><input type="radio" name="cd_or_auto" id="cd_or_auto_auto">$autoList($defaults.cdrom, "document.getElementById('cd_or_auto_auto').checked = true;document.getElementById('cdromlist').value = ''")
+	  <td>Autoinstall#slurp
+#filter None
+$helppopup('autoinstall')#slurp
+#end filter
+</td>
+	  <td><input type="radio" name="cd_or_auto" id="cd_or_auto_auto">
+#filter None
+$autoList($defaults.cdrom, "document.getElementById('cd_or_auto_auto').checked = true;document.getElementById('cdromlist').value = ''")
 	      (experimental; 1-2 minutes, and you have a machine; root pw is 'password'.)
+#end filter
 	  </input>
 	</tr>
 	<tr>
 	  <td>Boot CD</td>
-	  <td><input type="radio" name="cd_or_auto" id="cd_or_auto_cd" checked>$cdromList($defaults.cdrom, "document.getElementById('cd_or_auto_cd').checked = true;document.getElementById('autoinstalllist').value = ''")</td>
+	  <td><input type="radio" name="cd_or_auto" id="cd_or_auto_cd" checked>
+#filter None
+$cdromList($defaults.cdrom, "document.getElementById('cd_or_auto_cd').checked = true;document.getElementById('autoinstalllist').value = ''")
+#end filter
+</td>
 	  </input>
 	</tr>
@@ -58,5 +87,7 @@
 	  <td><input type="text" name="owner" value="$defaults.owner"/></td>
 	</tr>
+#filter None
 	$errorRow('owner', $err)
+#end filter
       </table>
       <input type="submit" class="button" value="Create it!"/>
@@ -86,5 +117,7 @@
 <a href="vnc?machine_id=$machine.machine_id">Console</a>#slurp
 #else if $has_vnc[$machine] != 'Off'
+#filter None
 $has_vnc[$machine]
+#end filter
 #end if
 </td>
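Review bot: `$has_vnc[$machine]` is now emitted with filtering switched off, so whatever string is stored there reaches the page verbatim. The code that fills `has_vnc` is outside this diff. If every value is fixed markup or a constant status string this is fine, but the assumption deserves a comment here, e.g. `## has_vnc values are trusted HTML; escape them where they are built`. If a value can carry machine- or user-derived text, escape it where it is constructed rather than relying on this template.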
@@ -107,6 +140,14 @@
 	<th>Name</th>
 	<th>Memory</th>
-	<th>Owner$helppopup('owner')</th>
-        <th>Administrator$helppopup('administrator')</th>
+	<th>Owner#slurp
+#filter None
+$helppopup('owner')#slurp
+#end filter
+</th>
+        <th>Administrator#slurp
+#filter None
+$helppopup('administrator')#slurp
+#end filter
+</th>
 	<th>IP</th>
 	<th>Uptime</th>
@@ -115,5 +156,7 @@
       </tr>
       #for $machine in $machines:
+    #filter None
 	$machineRow($machine)
+    #end filter
       #end for
     </table>
@@ -128,6 +171,10 @@
     <p><a href="list">refresh</a></p>
     <div id="machinelist">
+    #filter None
     $machineList($machines)
+    #end filter
     </div>
+#filter None
 $createForm()
+#end filter
 #end def
Index: trunk/packages/sipb-xen-www/code/templates/skeleton.tmpl
===================================================================
--- trunk/packages/sipb-xen-www/code/templates/skeleton.tmpl	(revision 446)
+++ trunk/packages/sipb-xen-www/code/templates/skeleton.tmpl	(revision 447)
@@ -60,5 +60,4 @@
 </ul>
 #end if
-
 <div id="result" class="result">
 #if $varExists('result')
@@ -70,5 +69,7 @@
 <h1>$title &mdash; SIPB Virtual Servers</h1>
 #end if
+#filter None
 $body
+#end filter
 #if not $varExists('simple') or not $simple
 <hr />
