[Zope-dev] Collector #839: Zope, Include re module in _ namespace
tseaver@digicool.com
tseaver@digicool.com
Tue, 11 Apr 2000 16:11:17 -0700 (PDT)
Duncan Booth reported:
> It would be very useful to have access to regular expression matching from DTML. Importing the re module into the _ namespace as is done for string, math and whrandom looks to me to be both safe and useful.
>
>
with patch:
> diff -r1.61 DT_Util.py
> 205c205
> < import string, math, whrandom
> ---
> > import string, math, whrandom, re
> 219a220
> > d['re']=re
I am reluctant to Go There -- regexp's are notoriously
hard to get right, and when they go south, they often
take the family silver with them. It would be fairly
trivial to write a back-tracking regexp, even
inadvertently, the execution of which would be an
effective denial-of-service attack on the server.
DTML really isn't the right place for them, anyway:
according to the prevailing wisdom of the zopemeisters,
complicated logic belongs in Python, rather than in
DTML. (However, PythonMethods won't have access to
the re module either without some help)
I'm CC'ing this reply to the zope-dev list for further
feedback.
Tres.