A general note, besides <sanitize> which sounds like a fine choice, a
technique I've used where the form's input might have some wonky
characters in it, including carriage returns, but these need to be
received and processed via a command line, is to use encode():
Then over in receiving python script
Rules = rulesparam.decode('base64')
>Date: Mon, 13 Jun 2016 17:12:05 -0700
>From: Beginner TI <ruiwang.sz(a)gmail.com>
>To: "galaxy-dev(a)lists.bx.psu.edu" <galaxy-dev(a)lists.bx.psu.edu>
>Subject: [galaxy-dev] how to get raw input from GUI
>Content-Type: text/plain; charset="utf-8"
>I am working on a wrapper for gatk and including
> <repeat name="filters" title="filter names and expressions"
> <param name="filter_name" type="text" value=""
>title="Filter name to be included in the analysis" />
> <param name="filter_exp" type="data" value=""
>expression to be included in the analysis" />
>in it, however, when I reference it using
>it would translate 'FS > 30.0' into XXXFS __gt__ 30.0XXX
>is there a way that I could keep the original text string 'FS > 30.0'? I
>did a quick lookup online but didn't see anything in cheetah's user guide
>or other places.