Undefined behavor of extended iteration

[aronacher]

Right now "for foo.bar, blubblah? in something" is undefined in genshi (it does nothing, especially no error) and "for fooa in b? in bar" breaks with a syntax error although it's valid python.

Because of my work on the sandboxed branch it's important that iterations do not modify existing objects because they could be persistent, thus shared among renderings. A quickfix would be changing the " in " split to a regex like this: "r([A-Za-z_][A-Za-z0-9_]*(\s*,\s*[A-Za-z_][A-Za-z0-9_]*)*)\s+in"

That would then automatically close the security problem of the sandbox branch too.