[Python-checkins] r85007 - tracker/instances/python-dev/html/_generic.help.html
martin.v.loewis
python-checkins at python.org
Sat Sep 25 08:59:05 CEST 2010
Author: martin.v.loewis
Date: Sat Sep 25 08:59:05 2010
New Revision: 85007
Log:
Protect against users passing bogus property names.
Modified:
tracker/instances/python-dev/html/_generic.help.html
Modified: tracker/instances/python-dev/html/_generic.help.html
==============================================================================
--- tracker/instances/python-dev/html/_generic.help.html (original)
+++ tracker/instances/python-dev/html/_generic.help.html Sat Sep 25 08:59:05 2010
@@ -83,7 +83,7 @@
<th tal:repeat="prop props" tal:content="prop" i18n:translate=""></th>
</tr>
<tr tal:repeat="item batch">
- <tal:block tal:define="attr python:item[props[0]]" >
+ <tal:block tal:define="attr python:getattr(item,props[0],None)" >
<td>
<input name="check"
onclick="updatePreview();"
@@ -93,7 +93,7 @@
<td tal:repeat="prop props">
<label class="classhelp-label"
tal:attributes="for string:id_$attr"
- tal:content="python:item[prop]"></label>
+ tal:content="python:getattr(item,prop,None)"></label>
</td>
</tal:block>
</tr>
@@ -145,11 +145,11 @@
<th tal:repeat="prop props" tal:content="prop" i18n:translate=""></th>
</tr>
<tr tal:repeat="item batch">
- <tal:block tal:define="attr python:item[props[0]]" >
+ <tal:block tal:define="attr python:getattr(item,props[0],None)" >
<td tal:repeat="prop props">
<label class="classhelp-label"
tal:attributes="for string:id_$attr"
- tal:content="python:item[prop]"></label>
+ tal:content="python:getattr(item,prop,None)"></label>
</td>
</tal:block>
</tr>
More information about the Python-checkins
mailing list