Zope 2

parseIndexRequest can't handle TaintedStrings

Bug #680458 reported by ChrisW
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Zope 2
Invalid
Low
Unassigned

Bug Description

Line 83 of Products/PluginIndexes/common/util.py chokes on ZPublisher.TaintedString.TaintedString instances rather than treating them as strings.

I discovered this when attempting to search with a parameter that contained an html tag.

I'm included to say that TaintedStrings should be ignored in the same way that DateTime's are.
What do others feel about this?

Regardless, this is a bug that should be addressed.

Revision history for this message
Hanno Schlichting (hannosch) wrote :

The method in question explicitly claims to be responsible for parsing ZPublisher requests, so it makes sense to deal with TaintedStrings there.

Changed in zope2:
importance: Undecided → Low
status: New → Confirmed
Revision history for this message
Colin Watson (cjwatson) wrote :

The zope2 project on Launchpad has been archived at the request of the Zope developers (see https://answers.launchpad.net/launchpad/+question/683589 and https://answers.launchpad.net/launchpad/+question/685285). If this bug is still relevant, please refile it at https://github.com/zopefoundation/zope2.

Changed in zope2:
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.