[Zope-dev] Bug in zc.resourcelibrary?
Benji York
benji at zope.com
Tue Dec 4 09:15:09 EST 2007
Thomas Lotze wrote:
> Wouldn't a check like
>
> if content_type.split(';', 1)[0] in ('text/html', 'text/xml'):
> ...
>
> be more appropriate?
Probably. Remember, zc.resourcelibrary's HTML injection code is a hack
-- a necessary hack, but a hack none the less. I can say that because I
did it. ;)
Feel free to make the change you outlined, especially if this is causing
you to get incorrect results in one of your apps.
Also, does case matter here? Perhaps a .lower() should be added as well.
--
Benji York
Senior Software Engineer
Zope Corporation
More information about the Zope-Dev
mailing list