Commit 5303454c authored by Ivan Tyagov's avatar Ivan Tyagov

Escape all characters in reference which are URL specific (i.e. ?,/,:,=)

parent a29456bc
......@@ -50,7 +50,9 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>"""\n
<value> <string encoding="cdata"><![CDATA[
"""\n
This script allows to create a new Discussion Thread.\n
"""\n
MARKER = [\'\', None, []]\n
......@@ -70,7 +72,7 @@ if site_list in MARKER:\n
membership_criterion_category_list = context.getMembershipCriterionCategoryList()\n
multimembership_criterion_base_category_list = context.getMultimembershipCriterionBaseCategoryList()\n
\n
reference = title.replace(\' \', \'-\').replace(\'?\', \'\').replace(\':\', \'\')\n
reference = title.replace(\' \', \'-\').replace(\'?\', \'\').replace(\':\', \'\').replace(\'/\', \'\').replace(\'&\', \'\').replace(\'=\', \'\')\n
existing_document = context.getDocumentValue(reference)\n
if existing_document is not None:\n
# if there are other document which reference duplicates just add some random part\n
......@@ -152,7 +154,9 @@ if send_notification_text not in (\'\', None):\n
\n
return context.Base_redirect(form_id,\n
keep_items = dict(portal_status_message=context.Base_translateString(portal_status_message)))\n
</string> </value>
]]></string> </value>
</item>
<item>
<key> <string>_params</string> </key>
......
113
\ No newline at end of file
114
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment