Skip to content

Z
Zope
Commit 2ac2d73c authored by Andreas Jung's avatar Andreas Jung
Browse files
Options

Collector 404: ALT attribute is now escaped properly

parent 7c4ba6e2
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 2 deletions
lib/python/OFS/Image.py
View file @ 2ac2d73c
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
############################################################################## ##############################################################################
"""Image object""" """Image object"""
__version__='$Revision: 1.137 $'[11:-2] __version__='$Revision: 1.138 $'[11:-2]
import Globals, struct import Globals, struct
from OFS.content_types import guess_content_type from OFS.content_types import guess_content_type
...@@ -31,6 +31,7 @@ from Cache import Cacheable ...@@ -31,6 +31,7 @@ from Cache import Cacheable
from mimetools import choose_boundary from mimetools import choose_boundary
from ZPublisher import HTTPRangeSupport from ZPublisher import HTTPRangeSupport
from ZPublisher.HTTPRequest import FileUpload from ZPublisher.HTTPRequest import FileUpload
from cgi import escape
StringType=type('') StringType=type('')
manage_addFileForm=DTMLFile('dtml/imageAdd', globals(),Kind='File',kind='file') manage_addFileForm=DTMLFile('dtml/imageAdd', globals(),Kind='File',kind='file')
...@@ -740,7 +741,7 @@ class Image(File): ...@@ -740,7 +741,7 @@ class Image(File):
if alt is None: if alt is None:
alt=getattr(self, 'title', '') alt=getattr(self, 'title', '')
result = '%s alt="%s"' % (result, alt) result = '%s alt="%s"' % (result, escape(alt, 1))
if height: if height:
result = '%s height="%s"' % (result, height) result = '%s height="%s"' % (result, height)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7