[Zope-dev] HTMLDocument && infinite recursion

Andrew T Sydelko sydelko@ecn.purdue.edu
Tue, 14 Aug 2001 23:21:16 -0500


HTMLDocument is a product that wraps itself
with the standard_html_header and 
standard_html_footer. Currently (version 0.3)
provides no protection against recursion if 
either the standard_html_header or 
standard_html_footer are HTMLDocuments 
themselves.

Please accept the patch at the end
of this email to fix the problem.

I'm cc'ing this to zope-dev to see if
I'm actually fixing it in a sane way.

Thanks,

--andy.

--- HTMLDocument.py.orig        Tue Aug 14 21:59:09 2001
+++ HTMLDocument.py     Tue Aug 14 22:04:36 2001
@@ -19,7 +19,7 @@
 import Acquisition
 from DateTime.DateTime import DateTime
 
-from AccessControl import ClassSecurityInfo
+from AccessControl import ClassSecurityInfo, getSecurityManager
 from Globals import HTML, HTMLFile, DTMLFile, MessageDialog, InitializeClass
 
 from urllib import quote
@@ -178,10 +178,15 @@
   def __call__(self, client=None, REQUEST={}, RESPONSE=None, **kw):
     "View document"
 
-    res = self.standard_html_header(self, REQUEST)
-    res = res + self.body
-    res = res + self.standard_html_footer(self, REQUEST)
-    return res
+    security=getSecurityManager()
+    security.addContext(self)
+    try:
+      res = self.standard_html_header(self, REQUEST)
+      res = res + self.body
+      res = res + self.standard_html_footer(self, REQUEST)
+      return res
+    finally:
+      security.removeContext(self)
 
   def PrincipiaSearchSource(self):
     if not self.raw_text: