0.95-bugfixes: Apply security fix from [3592] and Windows compatibility for same from [3672]
git-svn-id: http://code.djangoproject.com/svn/django/branches/0.95-bugfixes@4360 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
69fb4babc3
commit
a132d411c6
|
@ -19,7 +19,17 @@ def compile_messages():
|
|||
if f.endswith('.po'):
|
||||
sys.stderr.write('processing file %s in %s\n' % (f, dirpath))
|
||||
pf = os.path.splitext(os.path.join(dirpath, f))[0]
|
||||
cmd = 'msgfmt -o "%s.mo" "%s.po"' % (pf, pf)
|
||||
# Store the names of the .mo and .po files in an environment
|
||||
# variable, rather than doing a string replacement into the
|
||||
# command, so that we can take advantage of shell quoting, to
|
||||
# quote any malicious characters/escaping.
|
||||
# See http://cyberelk.net/tim/articles/cmdline/ar01s02.html
|
||||
os.environ['djangocompilemo'] = pf + '.mo'
|
||||
os.environ['djangocompilepo'] = pf + '.po'
|
||||
if sys.platform == 'win32': # Different shell-variable syntax
|
||||
cmd = 'msgfmt -o "%djangocompilemo%" "%djangocompilepo%"'
|
||||
else:
|
||||
cmd = 'msgfmt -o "$djangocompilemo" "$djangocompilepo"'
|
||||
os.system(cmd)
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
|
Loading…
Reference in New Issue