[Zope-Checkins] CVS: Zope/lib/python/Products/ZopeTutorial - TutorialTopic.py:1.18

Tres Seaver tseaver at zope.com
Thu Jan 15 17:54:13 EST 2004


Update of /cvs-repository/Zope/lib/python/Products/ZopeTutorial
In directory cvs.zope.org:/tmp/cvs-serv21847/ZopeTutorial

Modified Files:
	TutorialTopic.py 
Log Message:
 - Merge CGI escapes from 2.6 / 2.7 audit.


=== Zope/lib/python/Products/ZopeTutorial/TutorialTopic.py 1.17 => 1.18 ===
--- Zope/lib/python/Products/ZopeTutorial/TutorialTopic.py:1.17	Tue Nov 25 15:31:37 2003
+++ Zope/lib/python/Products/ZopeTutorial/TutorialTopic.py	Thu Jan 15 17:54:12 2004
@@ -13,6 +13,7 @@
 import OFS.Folder
 from HelpSys.HelpTopic import TextTopic
 from Globals import HTML, DTMLFile, MessageDialog
+from cgi import escape
 import DateTime
 import DocumentTemplate
 import StructuredText
@@ -98,7 +99,8 @@
 <a href="%s/manage_main" target="manage_main"
 onClick="javascript:window.open('%s/manage_main', 'manage_main').focus()"
 >Show lesson examples</a> in another window.
-</p>""" % (url, url, url)
+</p>""" % (url.replace('"', '\\"'), escape(url, 1),
+           escape(url, 1).replace("'", "\\'"))
 
 
     tutorialNavigation=DTMLFile('dtml/tutorialNav', globals())




More information about the Zope-Checkins mailing list