[Zope-Checkins] SVN: Zope/trunk/lib/python/Products/ZReST/ZReST.py
disallowing .. include directive
Andreas Jung
andreas at andreas-jung.com
Sun Oct 9 10:30:32 EDT 2005
Log message for revision 39011:
disallowing .. include directive
Changed:
U Zope/trunk/lib/python/Products/ZReST/ZReST.py
-=-
Modified: Zope/trunk/lib/python/Products/ZReST/ZReST.py
===================================================================
--- Zope/trunk/lib/python/Products/ZReST/ZReST.py 2005-10-09 14:16:25 UTC (rev 39010)
+++ Zope/trunk/lib/python/Products/ZReST/ZReST.py 2005-10-09 14:30:31 UTC (rev 39011)
@@ -192,6 +192,9 @@
# set the reporting level to something sane
pub.settings.report_level = int(self.report_level)
+ # Disallow inclusion of files for security reasons
+ pub.settings.file_insertion_enabled = 0
+
# don't break if we get errors
pub.settings.halt_level = 6
More information about the Zope-Checkins
mailing list