Undefined behavor of extended iteration

[aronacher]

Right now for foo.bar, blub['blah'] in something is undefined in genshi (it does nothing, especially no error) and for foo['a in b'] in bar breaks with a syntax error although it's valid python.

Because of my work on the sandboxed branch it's important that iterations do not modify existing objects because they could be persistent, thus shared among renderings. A quickfix would be changing the in split to a regex like this:

r([A-Za-z_][A-Za-z0-9_]*(\s*,\s*[A-Za-z_][A-Za-z0-9_]*)*)\s+in

That would then automatically close the security problem of the sandbox branch too.

[cmlenz]

(fixed formatting of description)

[Armin Ronacher]

Here a regexp that supports nested tuples. Hackish because it also matches some invalid constructs but a user gets a parsing error later anyways:

r'([(A-Za-z_][A-Za-z0-9_)]*(\s*,\s*[(A-Za-z_][A-Za-z0-9_)]*)*)\s+in'

[cmlenz]

Postponing.

[anonymous]

sddsdsdddsddds

[Carsten Klein <carsten.klein@…>]

I would like to help fixing this issue, but I don't understand what the OP actually means.

Could you please provide a testcase or code fragment that exactly reproduces your issue in the context of say a template and an input document?