[Zope-Checkins] CVS: Zope/lib/python/OFS - ObjectManager.py:1.145.16.4 PropertyManager.py:1.42.16.1 PropertySheets.py:1.81.4.2 Uninstalled.py:1.12.16.1

Martijn Pieters mj@zope.com
Thu, 1 Aug 2002 12:01:28 -0400


Update of /cvs-repository/Zope/lib/python/OFS
In directory cvs.zope.org:/tmp/cvs-serv9310/lib/python/OFS

Modified Files:
      Tag: Zope-2_5-branch
	ObjectManager.py PropertyManager.py PropertySheets.py 
	Uninstalled.py 
Log Message:
Big change, merge from trunk.

- Make DTML automatically html quote data indirectly taken from REQUEST
  which contain a '<'. Make sure (almost) all string operations preserve the
  taint on this data.

- Fix exceptions that use REQUEST data; quote the data.

- Don't let form and cookie values mask the REQUEST computed values such as
  URL0 and BASE1.


=== Zope/lib/python/OFS/ObjectManager.py 1.145.16.3 => 1.145.16.4 ===
 from AccessControl import getSecurityManager
 from zLOG import LOG, ERROR
 import sys,string,fnmatch,copy
+from cgi import escape
 
 import XMLExportImport
 customImporters={
@@ -53,7 +54,7 @@
         raise BadRequestException, 'Empty or invalid id specified.'
     if bad_id(id) is not None:
         raise BadRequestException, (
-            'The id "%s" contains characters illegal in URLs.' % id)
+            'The id "%s" contains characters illegal in URLs.' % escape(id))
     if id[0]=='_': raise BadRequestException, (
         'The id "%s" is invalid - it begins with an underscore.'  % id)
     if id[:3]=='aq_': raise BadRequestException, (
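Review bot: The underscore message on the line just above still interpolates the raw id while the "illegal in URLs" message two lines earlier now escapes it, so an id such as `_<b>x` reaches that branch unescaped and ends up in the same BadRequestException text that this checkin is quoting elsewhere. Change it to `'The id "%s" is invalid - it begins with an underscore.'  % escape(id)`; the `aq_` message whose string continues below the hunk presumably needs the same treatment. checkValidId starts before this hunk, so I cannot see whether it contains further unescaped messages.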
@@ -432,13 +433,13 @@
         for n in ids:
             if n in p:
                 return MessageDialog(title='Not Deletable',
-                       message='<EM>%s</EM> cannot be deleted.' % n,
+                       message='<EM>%s</EM> cannot be deleted.' % escape(n),
                        action ='./manage_main',)
         while ids:
             id=ids[-1]
             v=self._getOb(id, self)
             if v is self:
-                raise 'BadRequest', '%s does not exist' % ids[-1]
+                raise 'BadRequest', '%s does not exist' % escape(ids[-1])
             self._delObject(id)
             del ids[-1]
         if REQUEST is not None:
@@ -509,7 +510,7 @@
         """Import an object from a file"""
         dirname, file=os.path.split(file)
         if dirname:
-            raise BadRequestException, 'Invalid file name %s' % file
+            raise BadRequestException, 'Invalid file name %s' % escape(file)
 
         instance_home = INSTANCE_HOME
         software_home = os.path.join(SOFTWARE_HOME, '..%s..' % os.sep)
@@ -520,7 +521,7 @@
             if os.path.exists(filepath):
                 break
         else:
-            raise BadRequestException, 'File does not exist: %s' % file
+            raise BadRequestException, 'File does not exist: %s' % escape(file)
 
         self._importObjectFromFile(filepath, verify=not not REQUEST,
                                    set_owner=set_owner)


=== Zope/lib/python/OFS/PropertyManager.py 1.42 => 1.42.16.1 ===
 from string import find,join,lower,split
 from Acquisition import Implicit, aq_base
 from Globals import Persistent
+from cgi import escape
 
 
 
@@ -122,7 +123,7 @@
 
     def valid_property_id(self, id):
         if not id or id[:1]=='_' or (id[:3]=='aq_') \
-           or (' ' in id) or hasattr(aq_base(self), id):
+           or (' ' in id) or hasattr(aq_base(self), id) or escape(id) != id:
             return 0
         return 1
 
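Review bot: The new `escape(id) != id` clause rejects ids containing `&`, `<` or `>`, but `cgi.escape` is called with its default `quote=0`, so an id containing `"` or `'` still passes and would still need escaping anywhere it is placed inside an HTML attribute. If quotes are meant to be rejected as well, test for the characters explicitly rather than relying on the escape round-trip; if not, say so next to the clause, e.g. `# reject ids that cgi.escape would alter (&, <, >); quotes are deliberately not covered`. Either way the intent of the comparison is not obvious from the expression alone.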
@@ -172,7 +173,7 @@
 
         if type in ('selection', 'multiple selection'):
             if not hasattr(self, value):
-                raise 'Bad Request', 'No select variable %s' % value
+                raise 'Bad Request', 'No select variable %s' % escape(value)
             self._properties=self._properties + (
                 {'id':id, 'type':type, 'select_variable':value},)
             if type=='selection':
@@ -189,7 +190,7 @@
         # the value to the type of the existing property.
         self._wrapperCheck(value)
         if not self.hasProperty(id):
-            raise 'Bad Request', 'The property %s does not exist' % id
+            raise 'Bad Request', 'The property %s does not exist' % escape(id)
         if type(value)==type(''):
             proptype=self.getPropertyType(id) or 'string'
             if type_converters.has_key(proptype):
@@ -198,7 +199,7 @@
 
     def _delProperty(self, id):
         if not self.hasProperty(id):
-            raise ValueError, 'The property %s does not exist' % id
+            raise ValueError, 'The property %s does not exist' % escape(id)
         delattr(self,id)
         self._properties=tuple(filter(lambda i, n=id: i['id'] != n,
                                       self._properties))
@@ -282,7 +283,7 @@
         for name, value in props.items():
             if self.hasProperty(name):
                 if not 'w' in propdict[name].get('mode', 'wd'):
-                    raise 'BadRequest', '%s cannot be changed' % name
+                    raise 'BadRequest', '%s cannot be changed' % escape(name)
                 self._updateProperty(name, value)
         if REQUEST:
             message="Saved changes."
@@ -321,7 +322,7 @@
         for id in ids:
             if not hasattr(aq_base(self), id):
                 raise 'BadRequest', (
-                      'The property <em>%s</em> does not exist' % id)
+                      'The property <em>%s</em> does not exist' % escape(id))
             if (not 'd' in propdict[id].get('mode', 'wd')) or (id in nd):
                 return MessageDialog(
                 title  ='Cannot delete %s' % id,
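Review bot: The `title  ='Cannot delete %s' % id,` on the last line of the hunk still passes the raw id into MessageDialog, whereas the BadRequest message three lines above now escapes it; MessageDialog text carries HTML markup elsewhere in this checkin (ObjectManager's `<EM>%s</EM>` message), so the title is presumably rendered unescaped too and should read `title  ='Cannot delete %s' % escape(id),`. The MessageDialog call continues past the end of the hunk, so its `message` argument may need the same check.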


=== Zope/lib/python/OFS/PropertySheets.py 1.81.4.1 => 1.81.4.2 ===
 from Traversable import Traversable
 from Acquisition import aq_base
 from AccessControl import getSecurityManager
+from cgi import escape
 
 class View(App.Management.Tabs, Base):
     """A view of an object, typically used for management purposes
@@ -142,7 +143,7 @@
 
     def valid_property_id(self, id):
         if not id or id[:1]=='_' or (id[:3]=='aq_') \
-           or (' ' in id):
+           or (' ' in id) or escape(id) != id:
             return 0
         return 1
 
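Review bot: This clause duplicates the one added to PropertyManager.valid_property_id in the same checkin, and the two functions already differ (this one lacks the `hasattr(aq_base(self), id)` test), so the accepted character set is likely to drift between the two property APIs. A comment such as `# keep in sync with PropertyManager.valid_property_id` on both sides, or a single module-level helper holding the character test, would prevent that. As in PropertyManager, the round-trip comparison only rejects `&`, `<` and `>`; `"` and `'` are not rejected because `cgi.escape` defaults to `quote=0`.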
@@ -181,7 +182,7 @@
         # systems.
         self._wrapperCheck(value)
         if not self.valid_property_id(id):
-            raise 'Bad Request', 'Invalid property id, %s.' % id
+            raise 'Bad Request', 'Invalid property id, %s.' % escape(id)
 
         if not self.property_extensible_schema__():
             raise 'Bad Request', (
@@ -191,7 +192,8 @@
         if hasattr(aq_base(self),id):
             if not (id=='title' and not self.__dict__.has_key(id)):
                 raise 'Bad Request', (
-                    'Invalid property id, <em>%s</em>. It is in use.' % id)
+                    'Invalid property id, <em>%s</em>. It is in use.' % 
+                        escape(id))
         if meta is None: meta={}
         prop={'id':id, 'type':type, 'meta':meta}
         pself._properties=pself._properties+(prop,)
@@ -212,10 +214,10 @@
         # it will used to _replace_ the properties meta data.
         self._wrapperCheck(value)
         if not self.hasProperty(id):
-            raise 'Bad Request', 'The property %s does not exist.' % id
+            raise 'Bad Request', 'The property %s does not exist.' % escape(id)
         propinfo=self.propertyInfo(id)
         if not 'w' in propinfo.get('mode', 'wd'):
-            raise 'Bad Request', '%s cannot be changed.' % id
+            raise 'Bad Request', '%s cannot be changed.' % escape(id)
         if type(value)==type(''):
             proptype=propinfo.get('type', 'string')
             if type_converters.has_key(proptype):
@@ -233,13 +235,13 @@
         # Delete the property with the given id. If a property with the
         # given id does not exist, a ValueError is raised.
         if not self.hasProperty(id):
-            raise 'Bad Request', 'The property %s does not exist.' % id
+            raise 'Bad Request', 'The property %s does not exist.' % escape(id)
         vself=self.v_self()
         if hasattr(vself, '_reserved_names'):
             nd=vself._reserved_names
         else: nd=()
         if (not 'd' in self.propertyInfo(id).get('mode', 'wd')) or (id in nd):
-            raise 'Bad Request', '%s cannot be deleted.' % id
+            raise 'Bad Request', '%s cannot be deleted.' % escape(id)
         delattr(vself, id)
         pself=self.p_self()
         pself._properties=tuple(filter(lambda i, n=id: i['id'] != n,
@@ -263,7 +265,7 @@
         # Return a mapping containing property meta-data
         for p in self._propertyMap():
             if p['id']==id: return p
-        raise ValueError, 'The property %s does not exist.' % id
+        raise ValueError, 'The property %s does not exist.' % escape(id)
 
     def _propertyMap(self):
         # Return a tuple of mappings, giving meta-data for properties.
@@ -420,7 +422,7 @@
         for name, value in props.items():
             if self.hasProperty(name):
                 if not 'w' in propdict[name].get('mode', 'wd'):
-                    raise 'BadRequest', '%s cannot be changed' % name
+                    raise 'BadRequest', '%s cannot be changed' % escape(name)
                 self._updateProperty(name, value)
         if REQUEST is not None:
             return MessageDialog(
@@ -485,13 +487,13 @@
         return getattr(self, method)()
 
     def _setProperty(self, id, value, type='string', meta=None):
-        raise ValueError, '%s cannot be set.' % id
+        raise ValueError, '%s cannot be set.' % escape(id)
 
     def _updateProperty(self, id, value):
-        raise ValueError, '%s cannot be updated.' % id
+        raise ValueError, '%s cannot be updated.' % escape(id)
 
     def _delProperty(self, id):
-        raise ValueError, '%s cannot be deleted.' % id
+        raise ValueError, '%s cannot be deleted.' % escape(id)
 
     def _propertyMap(self):
         # Only use getlastmodified if returns a value


=== Zope/lib/python/OFS/Uninstalled.py 1.12 => 1.12.16.1 ===
 import Persistence
 from thread import allocate_lock
 from zLOG import LOG, WARNING
+from cgi import escape
 
 broken_klasses={}
 broken_klasses_lock = allocate_lock()
@@ -42,7 +43,7 @@
     def __getattr__(self, name):
         if name[:3]=='_p_':
             return BrokenClass.inheritedAttribute('__getattr__')(self, name)
-        raise AttributeError, name
+        raise AttributeError, escape(name)
 
     manage=manage_main=Globals.DTMLFile('dtml/brokenEdit',globals())
     manage_workspace=manage
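Review bot: Escaping the attribute name inside the AttributeError changes a value that is mostly consumed programmatically rather than rendered: any caller that inspects `e.args[0]` or compares it with the requested name now sees `&lt;`/`&amp;` forms for names containing those characters, and since `__getattr__` runs on every failed lookup the escape cost is paid even when the exception is never displayed. Unless a specific error page renders this message unescaped, I would keep `raise AttributeError, name` and escape at the rendering site; if the change stays, a comment such as `# escaped: name may originate from REQUEST and is shown in error pages` should record why.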