[Zope-dev] Stripogram or similar in core

Martijn Faassen faassen@vet.uu.nl
Mon, 29 Oct 2001 13:01:06 +0100


Andy wrote:
> > You seem to be aware of the fact, but I'd like to point it out
> > explicitely: from a security point of view, this is completely useless.
> > As HTML stripping is often done for security reasons, I fail to see the
> > interest in such a feature.
> 
> That depends where you do the checking, yes html validation in just a form
> is not as secure as checking at the application level. What I am suggesting
> is adding the HTML validation framework into the core of Zope so people can
> add checking to any level of their application as they wish. Making a
> standard interface to this gives a the developer chance to put the checking
> in at the level they choose.

If it's easy to get to I could also use it from Formulator, which,
though I don't guarantee perfect security, at least has a design which
makes it far less easy to fool than the Zope marshalling :foo 
thing (which you can fool just by writing your own HTML form).
All you'd need is add a HTMLField to the system which has the
right knobs to set what you exactly want to allow in entered HTML -- 
that's also a far better user interface than thinking up yet another
marshalling :html:foo:bar strategy..

Anyway, just a module that I can import from Python that exposes the
functionality would already be worth a lot having in the core; I'm
loath to introducing dependencies on non-core stuff in Formulator, as it's
aiming to be a very fundamental product that just should work out of the
box. The only non-core dependency right now in on TALES, but it still
works without it; you can also use Core Session Tracking in a simple
way. Once Zope 2.5 is out I plan to start depending on sessions and TALES
a lot more though, as they have those in the core.

Regards,

Martijn