Return safe html content.

* call convert and use conversion cache feature. * add index parameter in convert just for generate unique cache key per attachment * small cosmetics refactoring (sorry). git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@34364 20353a03-c40f-0410-a6d1-a30d3c3de9de

Return safe html content.
* call convert and use conversion cache feature. * add index parameter in convert just for generate unique cache key per attachment * small cosmetics refactoring (sorry). git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@34364 20353a03-c40f-0410-a6d1-a30d3c3de9de
ee453b2a · Nicolas Delaby · 99eefd4b · ee453b2a
Commit ee453b2a authored Apr 08, 2010 by Nicolas Delaby
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 9 deletions

product/ERP5/Document/EmailDocument.py product/ERP5/Document/EmailDocument.py +19 -9

No files found.
--- a/product/ERP5/Document/EmailDocument.py
+++ b/product/ERP5/Document/EmailDocument.py
@@ -252,8 +252,7 @@ class EmailDocument(File, TextDocument):
    """
    Returns the decoded data of an attachment.
    """
-    i = 0
+    for i, part in enumerate(self._getMessage().walk()):
-    for part in self._getMessage().walk():
      if index == i:
        # This part should be handled in skin script
        # but it was a bit easier to access items here
@@ -262,11 +261,11 @@ class EmailDocument(File, TextDocument):
          RESPONSE = REQUEST.RESPONSE
          RESPONSE.setHeader('Accept-Ranges', 'bytes')
          if kw.has_key('Content-Type'):
-            RESPONSE.setHeader('Content-Type', kw['Content-Type'])
            content_type = kw['Content-Type']
+            RESPONSE.setHeader('Content-Type', content_type)
          elif kw.has_key('Content-type'):
-            RESPONSE.setHeader('Content-Type', kw['Content-type'])
            content_type = kw['Content-type']
+            RESPONSE.setHeader('Content-Type', content_type)
          else:
            content_type = None
          if kw.has_key('Content-Disposition'):
@@ -280,12 +279,22 @@ class EmailDocument(File, TextDocument):
            file_name = re.findall(file_name_regexp, content_type, re.MULTILINE)
          if content_disposition:
            if not file_name:
-              file_name = re.findall(file_name_regexp, content_disposition, re.MULTILINE)
+              file_name = re.findall(file_name_regexp,
+                                     content_disposition,
+                                     re.MULTILINE)
          if file_name:
            file_name = file_name[0]
-            RESPONSE.setHeader('Content-disposition', 'attachment; filename="%s"' % file_name)
+            RESPONSE.setHeader('Content-disposition',
-        return part.get_payload(decode=1)
+                               'attachment; filename="%s"' % file_name)
-      i += 1
+        if 'text/html' in content_type:
+          # Strip out html content in safe mode.
+          mime, content = self.convert(format='html',
+                                       text_content=part.get_payload(decode=1),
+                                       index=index) # add index to generate
+                                       # a unique cache key per attachment
+        else:
+          content = part.get_payload(decode=1)
+        return content
    return KeyError, "No attachment with index %s" % index
  # Helper methods which override header property sheet
@@ -448,7 +457,8 @@ class EmailDocument(File, TextDocument):
        part_encoding = part.get_content_charset()
        part_html = part.get_payload(decode=1)
        # Invoke Document class HTML stripper
-        html_result = self._safeHTML(part_html, charset=part_encoding)
+        html_result = self.convert(format='html', text_content=part_html,
+                                   charset=part_encoding)
    if html_result:
      # Give priority to HTML
      text_result = html_result