Log message for revision 39011:
  disallowing .. include directive
  

Changed:
  U   Zope/trunk/lib/python/Products/ZReST/ZReST.py

-=-
Modified: Zope/trunk/lib/python/Products/ZReST/ZReST.py
===================================================================
--- Zope/trunk/lib/python/Products/ZReST/ZReST.py       2005-10-09 14:16:25 UTC 
(rev 39010)
+++ Zope/trunk/lib/python/Products/ZReST/ZReST.py       2005-10-09 14:30:31 UTC 
(rev 39011)
@@ -192,6 +192,9 @@
         # set the reporting level to something sane
         pub.settings.report_level = int(self.report_level)
 
+        # Disallow inclusion of files for security reasons
+        pub.settings.file_insertion_enabled = 0
+
         # don't break if we get errors
         pub.settings.halt_level = 6
 

_______________________________________________
Zope-Checkins maillist  -  Zope-Checkins@zope.org
http://mail.zope.org/mailman/listinfo/zope-checkins

Reply via email to