Patch DocumentTemplate to not return any content.
Project description
Patch DocumentTemplate to not return any content.
Features
DTML documents have been deprecated for several years, at least within the Plone community. So you should not use them. But still Plone ships with DTML documents. And these may contain security issues, especially for Cross Site Scripting (CSS). So this package patches the Document Templates to not return any content.
Options
The package looks for a few environment variables.
- SHOW_ORIGINAL_DTML
When this is set, the original DTML value is printed in the zope instance log.
- DEBUG_DTML_VALUE
When this is set, the given value is return as content of the DTML.
Installation
Install experimental.nodtml by adding it to your buildout:
[buildout] ... eggs = experimental.nodtml
and then running bin/buildout
No zcml is needed.
Contribute
Issue Tracker: https://github.com/plone/experimental.nodtml/issues
Source Code: https://github.com/plone/experimental.nodtml
License
The project is licensed under the GPLv2.
Contributors
Maurits van Rees, maurits@vanrees.org
Changelog
1.0.2 (2016-09-24)
Bug fixes:
Fixed showing String .__str__. [maurits]
1.0.1 (2016-09-24)
Bug fixes:
Added z3c.autoinclude entry point, so our code gets loaded on startup. [maurits]
1.0 (2016-09-24)
Initial release. [mauritsvanrees]
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for experimental.nodtml-1.0.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 21440f01790c63e8a1f12abaee90c2b084e8ccd32cf5daaa69e9fdeea51bedac |
|
MD5 | 3c95272546f3bc6dd86de5f4be32fd88 |
|
BLAKE2b-256 | c9e9b858ae0b85109b9d7b18010e867c01ec45befadc4af429adbe3cb102d026 |