[Zope-Checkins] CVS: Zope/lib/python/ZPublisher - HTTPRequest.py:1.61.6.10
Martijn Pieters
mj@zope.com
Thu, 1 Aug 2002 14:19:07 -0400
Update of /cvs-repository/Zope/lib/python/ZPublisher
In directory cvs.zope.org:/tmp/cvs-serv636/lib/python/ZPublisher
Modified Files:
Tag: Zope-2_5-branch
HTTPRequest.py
Log Message:
Merge from trunk: Allow switching tainting off. AT YOUR OWN RISK, you can
now set ZOPE_DTML_REQUEST_AUTOQUOTE to one of 'no', '0', or 'disabled' and
no tainting will take place.
=== Zope/lib/python/ZPublisher/HTTPRequest.py 1.61.6.9 => 1.61.6.10 ===
default_port={'http': '80', 'https': '443'}
+tainting_env = str(os.environ.get('ZOPE_DTML_REQUEST_AUTOQUOTE', '')).lower()
+TAINTING_ENABLED = tainting_env not in ('disabled', '0', 'no')
+
_marker=[]
class HTTPRequest(BaseRequest):
"""\
@@ -1288,8 +1291,8 @@
base64.decodestring(auth.split()[-1]).split(':')
return name, password
- def taintWrapper(self):
- return TaintRequestWrapper(self)
+ def taintWrapper(self, enabled=TAINTING_ENABLED):
+ return enabled and TaintRequestWrapper(self) or self
class TaintRequestWrapper: