Skip to content

Commit

Permalink
- zope.app.form.browser.textwidgets: The TextAreaWidget was not escaping
Browse files Browse the repository at this point in the history 
  its content when the validation failed. This way <, > and & were put
  out unquoted.

backport from 3.4
  • Loading branch information
Christian Zagrodnick committed Mar 7, 2007
1 parent 38140a4 commit 6d396dc
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions editingwidgets.py
View file
Expand Up @@ -18,7 +18,7 @@
from zope.interface import implements
from zope.app.form.interfaces import IInputWidget
from zope.app.form.browser import TextAreaWidget
from zope.app.form.browser.widget import renderElement
from zope.app.form.browser.widget import renderElement, escape
from zope.app.pagetemplate.viewpagetemplatefile import ViewPageTemplateFile

class SimpleEditingWidget(TextAreaWidget):
Expand Down Expand Up @@ -112,7 +112,7 @@ def __call__(self):
rows=self.height,
cols=self.width,
style=self.style,
contents=self._getFormValue(),
contents=escape(self._getFormValue()),
extra=self.extra)

def contents(self):
Expand Down

0 comments on commit 6d396dc

Please sign in to comment.