Stuart Bishop wrote:
On 13/01/2004, at 4:19 PM, Stuart Bishop wrote:
The 'security audit work for the 2.7 branch' commit on 8th Jan made the following change in PageTemplates/Expression.py:
As well as in other locations such as ZopeGuards.py.
I've opened http://collector.zope.org/Zope/1182 with some example code.
Anyone know if None is being passed as the name in some locations? I don't think it would be helpful for me to go around reversing code changed by a security audit without some background.
I committed that change, but didn't do the original work. I did have a discussion with Jim which touched on it: the purpose of the change was to make access via '__getitem__' homogenous across all keys / indexes, because (as we thought, anyway) there was not any reasonable use case for heterogenous access. I will let Jim comment on your use case. Tres. -- =============================================================== Tres Seaver tseaver@zope.com Zope Corporation "Zope Dealers" http://www.zope.com