[Zope-Checkins] CVS: Zope/lib/python/Products/ZopeTutorial -
TutorialTopic.py:1.18
Tres Seaver
tseaver at zope.com
Thu Jan 15 17:54:13 EST 2004
Update of /cvs-repository/Zope/lib/python/Products/ZopeTutorial
In directory cvs.zope.org:/tmp/cvs-serv21847/ZopeTutorial
Modified Files:
TutorialTopic.py
Log Message:
- Merge CGI escapes from 2.6 / 2.7 audit.
=== Zope/lib/python/Products/ZopeTutorial/TutorialTopic.py 1.17 => 1.18 ===
--- Zope/lib/python/Products/ZopeTutorial/TutorialTopic.py:1.17 Tue Nov 25 15:31:37 2003
+++ Zope/lib/python/Products/ZopeTutorial/TutorialTopic.py Thu Jan 15 17:54:12 2004
@@ -13,6 +13,7 @@
import OFS.Folder
from HelpSys.HelpTopic import TextTopic
from Globals import HTML, DTMLFile, MessageDialog
+from cgi import escape
import DateTime
import DocumentTemplate
import StructuredText
@@ -98,7 +99,8 @@
<a href="%s/manage_main" target="manage_main"
onClick="javascript:window.open('%s/manage_main', 'manage_main').focus()"
>Show lesson examples</a> in another window.
-</p>""" % (url, url, url)
+</p>""" % (url.replace('"', '\\"'), escape(url, 1),
+ escape(url, 1).replace("'", "\\'"))
tutorialNavigation=DTMLFile('dtml/tutorialNav', globals())
More information about the Zope-Checkins
mailing list