That's a cool syntax but it's a bit too 'magik' for me. That magik could be alleviated by something documenting the whole <input name="fish:list/x"> or maybe a project describing what those things after the colon should do and where they should be documented.
Yeah it is a little. Just thinking of ideas here.
personally, I don't think it'll scale to html filtering. What happens when you want to get the allowed tags from a property of another object?
Hmm true of course it could just be <input name="fish:list<dtml-var "_.string.join(allowedHtml,'/')">" etc> or something
Hmmm, how's this for a plan:
1. Document the :something options fully.
2. Add a :html that behaves as you describe
3. Fix the bug that means :date won't accept an empty value.
Thats related?
4. expose the above stuff in a coersion module that can be imported into python scripts, that would mainly have one function: coerce
Hang on a sec...
def coerce(from,to,**kw):
eg: from coersion import coerce
x='1234' y=1234 z='10/6/01' a='' b='<b>x,y</b>'
coerce(x,'int')==y==1234 coerce(y,'string')==x=='1234' coerce(z,'date')==DateTimeObject coerce(a,'date')==DateTimeObject (or maybe None, but I favour a DateTime object that actually has a NULL value) coerce(b,'html',tags=['i'])=='x,y'
Whats wrong with just int and str etc... Is your idea here just to get everything in one place and one class? Other than that Im not sure of the value.. ----- Original Message ----- From: "Chris Withers" <chrisw@nipltd.com> To: "Andy McKay" <andym@ActiveState.com> Cc: <zope-dev@zope.org> Sent: Saturday, October 27, 2001 3:48 AM Subject: Re: [Zope-dev] Stripogram or similar in core
Andy McKay wrote:
What do people (especially Chris) think of making ChrisW's stripogram
part
of the core of Zope.
I think it rocks :-)
Just discussing this with some colleagues today and we got onto a marshalling data and it occured to us it would be nice to do something like <input type="text" name="something:html:p:br"> that would only allow p and br in the html. Ok, its easy to get around with a fake form, but how about being able to only specify certain html tags in metadata in the CMF.
That's a cool syntax but it's a bit too 'magik' for me. That magik could be alleviated by something documenting the whole <input name="fish:list/x"> or maybe a project describing what those things after the colon should do and where they should be documented.
personally, I don't think it'll scale to html filtering. What happens when you want to get the allowed tags from a property of another object?
Having HTML Parser and maybe those stripogram functions should be easy to integrate and provide Zope with a standard security mechanism for these issues.
Hmmm, how's this for a plan:
1. Document the :something options fully.
2. Add a :html that behaves as you describe
3. Fix the bug that means :date won't accept an empty value.
4. expose the above stuff in a coersion module that can be imported into python scripts, that would mainly have one function: coerce
def coerce(from,to,**kw):
eg: from coersion import coerce
x='1234' y=1234 z='10/6/01' a='' b='<b>x,y</b>'
coerce(x,'int')==y==1234 coerce(y,'string')==x=='1234' coerce(z,'date')==DateTimeObject coerce(a,'date')==DateTimeObject (or maybe None, but I favour a DateTime object that actually has a NULL value) coerce(b,'html',tags=['i'])=='x,y'
cheers,
Chris
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )