[Zope-Checkins] SVN: Zope/branches/Zope-2_8-branch/lib/python/
disabled the reST .. include directive
Andreas Jung
andreas at andreas-jung.com
Sun Oct 9 10:39:30 EDT 2005
Log message for revision 39017:
disabled the reST .. include directive
Changed:
U Zope/branches/Zope-2_8-branch/lib/python/Products/ZReST/ZReST.py
U Zope/branches/Zope-2_8-branch/lib/python/reStructuredText/__init__.py
-=-
Modified: Zope/branches/Zope-2_8-branch/lib/python/Products/ZReST/ZReST.py
===================================================================
--- Zope/branches/Zope-2_8-branch/lib/python/Products/ZReST/ZReST.py 2005-10-09 14:37:54 UTC (rev 39016)
+++ Zope/branches/Zope-2_8-branch/lib/python/Products/ZReST/ZReST.py 2005-10-09 14:39:29 UTC (rev 39017)
@@ -192,6 +192,9 @@
# set the reporting level to something sane
pub.settings.report_level = int(self.report_level)
+ # disallow use of the .. include directive for security reasons
+ pub.settings.file_insertion_enabled = 0
+
# don't break if we get errors
pub.settings.halt_level = 6
Modified: Zope/branches/Zope-2_8-branch/lib/python/reStructuredText/__init__.py
===================================================================
--- Zope/branches/Zope-2_8-branch/lib/python/reStructuredText/__init__.py 2005-10-09 14:37:54 UTC (rev 39016)
+++ Zope/branches/Zope-2_8-branch/lib/python/reStructuredText/__init__.py 2005-10-09 14:39:29 UTC (rev 39017)
@@ -74,6 +74,7 @@
if language_code:
settings['language_code'] = language_code
settings['language_code'] = language_code
+ settings['file_insertion_enabled '] = 0
# starting level for <H> elements:
settings['initial_header_level'] = initial_header_level + 1
# set the reporting level to something sane:
More information about the Zope-Checkins
mailing list