Chris Withers wrote:

> Martijn Faassen wrote:
>>Anyway, just a module that I can import from Python that exposes the
>>functionality would already be worth a lot having in the core;
> That would be my preference... but the question is should it be core Zope or
> core Python. I mean, the type of functionality we're talking about is pretty
> generically useful.

I would like it at least as a TTW configurable/instanciable (does that 
word exist?) zope product. It could allow

- configuration of "forbidden" words in a textbox, alternativly using a 
"allow" policy (that might get hard).
- a pre-cooked "secure html" config
- possibility to write a custom parser/filter in python script/external 

and it would allow something like
<dtml-var someting filter="my_html_cleaner">

<dtml-if "my_html_cleaner.is_valid('my_text')">

where is_valid(input_string) only checks if
is_valid(imput_string) == input_string.

The reason why I think it should be TTW configurable is that people not 
being able to pure python should also be in the position to use a 
security feature.
Would this be compatible with ZPT etc.?

Certainly, this doesn't rule out to implement the core funtionality as a

pure python module.


Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to