[Zope3-checkins] SVN: messageboard/trunk/step03/ Improved Regex for
detecting illegal entries.
Stephan Richter
srichter at cosmos.phy.tufts.edu
Wed Aug 11 13:38:04 EDT 2004
Log message for revision 27003:
Improved Regex for detecting illegal entries.
Changed:
U messageboard/trunk/step03/browser/widgets.py
U messageboard/trunk/step03/fields.py
-=-
Modified: messageboard/trunk/step03/browser/widgets.py
===================================================================
--- messageboard/trunk/step03/browser/widgets.py 2004-08-11 17:35:38 UTC (rev 27002)
+++ messageboard/trunk/step03/browser/widgets.py 2004-08-11 17:38:04 UTC (rev 27003)
@@ -30,7 +30,7 @@
input = re.sub(regex, '', input)
if self.context.allowed_tags:
- regex = allowed_regex %'|'.join(
+ regex = allowed_regex %'(?: |/)|'.join(
self.context.allowed_tags)
input = re.sub(regex, '', input)
Modified: messageboard/trunk/step03/fields.py
===================================================================
--- messageboard/trunk/step03/fields.py 2004-08-11 17:35:38 UTC (rev 27002)
+++ messageboard/trunk/step03/fields.py 2004-08-11 17:38:04 UTC (rev 27003)
@@ -21,7 +21,7 @@
from zope.schema.interfaces import ValidationError
forbidden_regex = r'</?(?:%s).*?/?>'
-allowed_regex = r'</??(?!%s)[a-zA-Z0-9]*? ?(?:[a-z0-9]*?=?".*?")*/??>'
+allowed_regex = r'</??(?!%s(?: |/))[a-zA-Z0-9]*? ?(?:[a-z0-9]*?=?".*?")*/??>'
class ForbiddenTags(ValidationError):
__doc__ = u"""Forbidden HTML Tags used."""
@@ -46,7 +46,7 @@
raise ForbiddenTags(value, self.forbidden_tags)
if self.allowed_tags:
- regex = allowed_regex %'|'.join(self.allowed_tags)
+ regex = allowed_regex %'(?: |/)|'.join(self.allowed_tags)
if re.findall(regex, value):
raise ForbiddenTags(value, self.allowed_tags)
More information about the Zope3-Checkins
mailing list