Mind that you have a possible XSS vulnerability here, because item.slug is concatenated into the markup without being escaped:

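        # item.slug is concatenated into the XML as-is: a slug that contains
        # '<', '&' or quotes is parsed as markup instead of as text. Nothing
        # here escapes the value before it reaches the response.
        for item in posts:
            sitemap_xml += (
                '<url>\n<loc>' + 'http://www.leandro.inf.br/'
                + request.application + '/' + 'default/post' + '/'
                + item.slug + '</loc>\n</url>\n'
            )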

I would suggest using helpers instead of concatenating strings. It is
safer, because the helpers escape the values they serialize:

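def sitemap():
    """Build the XML sitemap for this application and return it as a string.

    Static URLs come from the functions that regex_expose finds in each
    controller file; dynamic URLs come from the slug of every row in
    db.posts. The document is assembled with web2py TAG helpers, which
    XML-escape string children when serialized, instead of by string
    concatenation, so a slug cannot inject markup into the output.
    """
    import os
    from gluon.myregex import regex_expose

    # Controllers that must never be advertised in the sitemap.
    skipped = ('appadmin.py', 'manage.py')
    sitemap = TAG.urlset(_xmlns="http://www.sitemaps.org/schemas/sitemap/0.9")

    # Static URLs
    ctldir = os.path.join(request.folder, "controllers")
    for ctl in os.listdir(ctldir):
        if ctl in skipped or ctl.endswith(".bak"):
            continue
        filename = os.path.join(ctldir, ctl)
        # Close the file deterministically instead of leaking the handle.
        with open(filename, 'r') as handle:
            data = handle.read()
        functions = regex_expose.findall(data)
        # Drops the last three characters, i.e. assumes a ".py" suffix.
        # NOTE(review): replacing "_" with " " puts literal spaces in the
        # URL; confirm this is intended, since <loc> should hold a valid URL.
        ctl = ctl[:-3].replace("_", " ")
        for f in functions:
            sitemap.append(TAG.url(TAG.loc(
                'http://www.leandro.inf.br/%s/%s/%s'
                % (request.application, ctl, f.replace("_", " ")))))

    # Dynamic URLs
    posts = db().select(db.posts.ALL, orderby=~db.posts.created)
    for item in posts:
        # NOTE(review): the helper escapes XML metacharacters only; the slug
        # is not percent-encoded here, so confirm slugs are URL-safe when
        # they are stored.
        sitemap.append(TAG.url(TAG.loc(
            'http://www.leandro.inf.br/%s/default/post/%s'
            % (request.application, item.slug))))

    return '<?xml version="1.0" encoding="UTF-8"?>\n%s' % sitemap.xml()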


On Dec 23, 10:22 am, Leandro - ProfessionalIT <lsever...@gmail.com>
wrote:
> Perfect ! now I have a sitemap generated by the my Web2Py app.
> Thank's for all help.
