Commit 70748a88 authored by Andreas Jung's avatar Andreas Jung

- LP #491224: proper escaping of rendered error message

parent 62a61f15
......@@ -126,6 +126,8 @@ Features Added
Bugs Fixed
++++++++++
- LP #491224: proper escaping of rendered error message
- LP #246983: Enabled unicode conflict resolution on variables inside "string:"
expressions in TALES.
......
......@@ -50,6 +50,7 @@ from DocumentTemplate.ustr import ustr
from ExtensionClass import Base
from Persistence import Persistent
from webdav.Resource import Resource
from webdav.xmltools import escape as xml_escape
from zExceptions import Redirect
from zExceptions import upgradeException
from zExceptions.ExceptionFormatter import format_exception
......@@ -310,6 +311,7 @@ class Item(Base,
# return the rendered exception and let the
# ZPublisher Exception Hook deal with it.
return error_type, v, tb
v = xml_escape(v)
raise error_type, v, tb
finally:
if hasattr(self, '_v_eek'): del self._v_eek
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment