On 01/11/05, Tim Johnson <[EMAIL PROTECTED]> wrote: > Hello: > I need to tighten my handling of CGI transmissions. > I particular, I need to develop a strategy of safely dealing > with "tainted" characters.
A friend of mine has written a module that may be useful to you: """ zstr is an extension of the Python str class that has a built-in mechanism for escaping the string for use in different contexts. Most importantly, a zstr object keeps track of its current display state, making the escaping operations idempotent. ... The main intent for zstr is to help with CGI and web-related code. CGI programming involves a lot of string manipulation. For any given string, there might be a user input version of it, an HTML-escaped version of it, a SQL-escaped version of it, and possibly other customised escaped versions for things like filtering certain HTML tags but letting others through. """ Link: http://www.mcs.vuw.ac.nz/~jester/zstr/ -- John. _______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
