The method in question explicitly claims to be responsible for parsing ZPublisher requests, so it makes sense to deal with TaintedStrings there.
The method in question explicitly claims to be responsible for parsing ZPublisher requests, so it makes sense to deal with TaintedStrings there.