[Zope-Checkins] SVN: Zope/branches/Zope-2_8-branch/ - LP #491224: proper escaping of rendered error message
Andreas Jung
andreas at andreas-jung.com
Mon Jan 11 10:31:52 EST 2010
Log message for revision 108016:
- LP #491224: proper escaping of rendered error message
Changed:
U Zope/branches/Zope-2_8-branch/doc/CHANGES.txt
U Zope/branches/Zope-2_8-branch/lib/python/OFS/SimpleItem.py
-=-
Modified: Zope/branches/Zope-2_8-branch/doc/CHANGES.txt
===================================================================
--- Zope/branches/Zope-2_8-branch/doc/CHANGES.txt 2010-01-11 15:29:58 UTC (rev 108015)
+++ Zope/branches/Zope-2_8-branch/doc/CHANGES.txt 2010-01-11 15:31:51 UTC (rev 108016)
@@ -4,6 +4,10 @@
Change information for previous versions of Zope can be found in the
file HISTORY.txt.
+ Zope 2.8.12 (unreleased)
+
+ - LP #491224: proper escaping of rendered error message
+
Zope 2.8.11 (2009/08/06)
Bugs fixed
Modified: Zope/branches/Zope-2_8-branch/lib/python/OFS/SimpleItem.py
===================================================================
--- Zope/branches/Zope-2_8-branch/lib/python/OFS/SimpleItem.py 2010-01-11 15:29:58 UTC (rev 108015)
+++ Zope/branches/Zope-2_8-branch/lib/python/OFS/SimpleItem.py 2010-01-11 15:31:51 UTC (rev 108016)
@@ -25,6 +25,7 @@
import Globals, App.Management, Acquisition, App.Undo
import AccessControl.Role, AccessControl.Owned, App.Common
from webdav.Resource import Resource
+from webdav.xmltools import escape as xml_escape
from ExtensionClass import Base
from ComputedAttribute import ComputedAttribute
from AccessControl import getSecurityManager, Unauthorized
@@ -227,6 +228,7 @@
"event log for full details: %s)")%(
html_quote(sys.exc_info()[1]),
))
+ v = xml_escape(v)
raise error_type, v, tb
finally:
if hasattr(self, '_v_eek'): del self._v_eek
More information about the Zope-Checkins
mailing list