Andy McKay wrote: > > What do people (especially Chris) think of making ChrisW's stripogram part > of the core of Zope.
I think it rocks :-) > Just discussing this with some colleagues today and we got onto a > marshalling data and it occured to us it would be nice to do something like > <input type="text" name="something:html:p:br"> that would only allow p and > br in the html. Ok, its easy to get around with a fake form, but how about > being able to only specify certain html tags in metadata in the CMF. That's a cool syntax but it's a bit too 'magik' for me. That magik could be alleviated by something documenting the whole <input name="fish:list/x"> or maybe a project describing what those things after the colon should do and where they should be documented. personally, I don't think it'll scale to html filtering. What happens when you want to get the allowed tags from a property of another object? > Having HTML Parser and maybe those stripogram functions should be easy to > integrate and provide Zope with a standard security mechanism for these > issues. Hmmm, how's this for a plan: 1. Document the :something options fully. 2. Add a :html that behaves as you describe 3. Fix the bug that means :date won't accept an empty value. 4. expose the above stuff in a coersion module that can be imported into python scripts, that would mainly have one function: coerce def coerce(from,to,**kw): eg: from coersion import coerce x='1234' y=1234 z='10/6/01' a='' b='<b>x,y</b>' coerce(x,'int')==y==1234 coerce(y,'string')==x=='1234' coerce(z,'date')==DateTimeObject coerce(a,'date')==DateTimeObject (or maybe None, but I favour a DateTime object that actually has a NULL value) coerce(b,'html',tags=['i'])=='x,y' cheers, Chris _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )