[Zope-Checkins] CVS: Zope/lib/python/OFS - Application.py:1.201
CopySupport.py:1.90
Tres Seaver
tseaver at zope.com
Thu Jan 15 17:47:54 EST 2004
Update of /cvs-repository/Zope/lib/python/OFS
In directory cvs.zope.org:/tmp/cvs-serv20548
Modified Files:
Application.py CopySupport.py
Log Message:
- More CGI escape merge.
=== Zope/lib/python/OFS/Application.py 1.200 => 1.201 ===
--- Zope/lib/python/OFS/Application.py:1.200 Sun Jan 11 10:32:44 2004
+++ Zope/lib/python/OFS/Application.py Thu Jan 15 17:47:23 2004
@@ -22,6 +22,7 @@
from App.ApplicationManager import ApplicationManager
from webdav.NullResource import NullResource
from FindSupport import FindSupport
+from cgi import escape
from urllib import quote
from StringIO import StringIO
from AccessControl.PermissionRole import PermissionRole
@@ -122,8 +123,8 @@
"""Returns an HTML fragment that displays the 'powered by zope'
button along with a link to the Zope site."""
return '<a href="http://www.zope.org/Credits" target="_top"><img ' \
- 'src="%s/p_/ZopeButton" width="115" height="50" ' \
- 'border="0" alt="Powered by Zope" /></a>' % self.REQUEST.BASE1
+ 'src="%s/p_/ZopeButton" width="115" height="50" border="0" ' \
+ 'alt="Powered by Zope" /></a>' % escape(self.REQUEST.BASE1, 1)
def DELETE(self, REQUEST, RESPONSE):
=== Zope/lib/python/OFS/CopySupport.py 1.89 => 1.90 ===
--- Zope/lib/python/OFS/CopySupport.py:1.89 Thu Jan 8 04:06:13 2004
+++ Zope/lib/python/OFS/CopySupport.py Thu Jan 15 17:47:23 2004
@@ -23,6 +23,7 @@
from Acquisition import aq_base, aq_inner, aq_parent
from zExceptions import Unauthorized, BadRequest
from webdav.Lockable import ResourceLockedError
+from cgi import escape
CopyError='Copy Error'
@@ -73,7 +74,7 @@
raise ResourceLockedError, 'Object "%s" is locked via WebDAV' % ob.getId()
if not ob.cb_isMoveable():
- raise CopyError, eNotSupported % id
+ raise CopyError, eNotSupported % escape(id)
m=Moniker.Moniker(ob)
oblist.append(m.dump())
cp=(1, oblist)
@@ -98,7 +99,7 @@
for id in ids:
ob=self._getOb(id)
if not ob.cb_isCopyable():
- raise CopyError, eNotSupported % id
+ raise CopyError, eNotSupported % escape(id)
m=Moniker.Moniker(ob)
oblist.append(m.dump())
cp=(0, oblist)
@@ -157,7 +158,7 @@
# Copy operation
for ob in oblist:
if not ob.cb_isCopyable():
- raise CopyError, eNotSupported % ob.getId()
+ raise CopyError, eNotSupported % escape(ob.getId())
try: ob._notifyOfCopyTo(self, op=0)
except: raise CopyError, MessageDialog(
title='Copy Error',
@@ -182,7 +183,7 @@
for ob in oblist:
id=ob.getId()
if not ob.cb_isMoveable():
- raise CopyError, eNotSupported % id
+ raise CopyError, eNotSupported % escape(id)
try: ob._notifyOfCopyTo(self, op=1)
except: raise CopyError, MessageDialog(
title='Move Error',
@@ -242,7 +243,7 @@
if ob.wl_isLocked():
raise ResourceLockedError, 'Object "%s" is locked via WebDAV' % ob.getId()
if not ob.cb_isMoveable():
- raise CopyError, eNotSupported % id
+ raise CopyError, eNotSupported % escape(id)
self._verifyObjectPaste(ob)
try: ob._notifyOfCopyTo(self, op=1)
except: raise CopyError, MessageDialog(
@@ -269,7 +270,7 @@
def manage_clone(self, ob, id, REQUEST=None):
# Clone an object, creating a new object with the given id.
if not ob.cb_isCopyable():
- raise CopyError, eNotSupported % ob.getId()
+ raise CopyError, eNotSupported % escape(ob.getId())
try: self._checkId(id)
except: raise CopyError, MessageDialog(
title='Invalid Id',
@@ -510,11 +511,11 @@
fMessageDialog=Globals.HTML("""
<HTML>
<HEAD>
-<TITLE><dtml-var title></TITLE>
+<TITLE>&dtml-title;</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF">
-<FORM ACTION="<dtml-var action>" METHOD="GET" <dtml-if
- target>TARGET="<dtml-var target>"</dtml-if>>
+<FORM ACTION="&dtml-action;" METHOD="GET" <dtml-if
+ target>TARGET="&dtml-target;"</dtml-if>>
<TABLE BORDER="0" WIDTH="100%%" CELLPADDING="10">
<TR>
<TD VALIGN="TOP">
More information about the Zope-Checkins
mailing list