Update of /cvs-repository/Zope/lib/python/Products/ZReST In directory cvs.zope.org:/tmp/cvs-serv7924/lib/python/Products/ZReST
Modified Files: Tag: Zope-2_7-branch ZReST.py Log Message: - Backport tests and fixes for ReST file inclusion vulnerability. === Zope/lib/python/Products/ZReST/ZReST.py 1.6.12.10 => 1.6.12.11 === --- Zope/lib/python/Products/ZReST/ZReST.py:1.6.12.10 Sun Nov 21 12:47:51 2004 +++ Zope/lib/python/Products/ZReST/ZReST.py Mon Jul 10 17:28:29 2006 @@ -198,6 +198,10 @@ # remember warnings pub.settings.warning_stream = Warnings() + # disable unsafe directives + pub.settings.raw_enabled = 0 + pub.settings.file_insertion_enabled = 0 + pub.source = docutils.io.StringInput( source=self.source, encoding=self.input_encoding) _______________________________________________ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins