[Zope-Checkins] CVS: Zope/lib/python/ZPublisher - HTTPRequest.py:1.76
Martijn Pieters
mj@zope.com
Thu, 1 Aug 2002 14:18:54 -0400
Update of /cvs-repository/Zope/lib/python/ZPublisher
In directory cvs.zope.org:/tmp/cvs-serv779/lib/python/ZPublisher
Modified Files:
HTTPRequest.py
Log Message:
Allow switching tainting off. AT YOUR OWN RISK, you can now set
ZOPE_DTML_REQUEST_AUTOQUOTE to one of 'no', '0', or 'disabled' and no
tainting will take place.
=== Zope/lib/python/ZPublisher/HTTPRequest.py 1.75 => 1.76 ===
default_port={'http': '80', 'https': '443'}
+tainting_env = str(os.environ.get('ZOPE_DTML_REQUEST_AUTOQUOTE', '')).lower()
+TAINTING_ENABLED = tainting_env not in ('disabled', '0', 'no')
+
_marker=[]
class HTTPRequest(BaseRequest):
"""\
@@ -1302,8 +1305,8 @@
base64.decodestring(auth.split()[-1]).split(':')
return name, password
- def taintWrapper(self):
- return TaintRequestWrapper(self)
+ def taintWrapper(self, enabled=TAINTING_ENABLED):
+ return enabled and TaintRequestWrapper(self) or self
class TaintRequestWrapper: