I didn't get any response on my last post, so I'm charging ahead full speed.
The fact that litmus complains about Zope's inability to accept UTF-8 filenames is something I view as a bug. It can be fixed simply by changing the default _checkid() implementation to allow extended characters. However, I don't want to break anything, so I think it should be optional, controlled by a setting.
Either the already existing, but seemingly undocumented setting management_page_charset could be used to check that the given Id is acceptable in that charset.
OR, a separate setting could be used, maybe allowed_id_charset?
I'm gonna go with that last one if nobody complains. Suggested code (only the important parts):
# Any other characters that should NEVER be allowed?bad_id=re.compile(r'[:;/\\]').search
def checkValidId(self, id, allow_dup=0): # So should be allow unicode, then? if not id or not isinstance(id, StringType): if isinstance(id, UnicodeType): id = escape(id) raise BadRequestException, ('Empty or invalid id specified', id)
# Here is the characterset checking. This works fine, I've tried it. try: charset = getattr(self, 'allowed_id_charset', 'ascii') id.decode(charset) except: raise BadRequestException, ( 'The id "%s" is not of the allowed character set (%s).' % \ (escape(id), self.allowed_id_charset)) # And here we check for unallowed special characters. if bad_id(id) is not None: raise BadRequestException, ( 'The id "%s" contains characters illegal in URLs.' % \ escape(id)) # And then comes the rest of the tests, as usual, for aq_ and such. # I won't copy them in in this mail.
Opinions?
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )