Hi nate, I noticed You closed my ticket 836 with reason about ajax calls. But this enhancement wasn't only for ajax calls (it is not primary purpose), but for all 'bare' calls. I want to say: in this time there is no CakePHP 'core' feature, which allows restrict rendering for 'bare' calls only.
Example: developer renders in pages/home.thtml by Object::requestAction() action PostsController::lastRecords() and he want this action can not be rendered if web user guesses right default route 'www.example.com/posts/lastRecords/' - he want's this action can be rendered only by requestAction. What he have to do? I think if Security component can redirect to blackhole requests which developer want's to be by POST, it could manage restrictions about bare calls also. I am off course able solve this by other way, but I think it *is* work of Security component. I want to say: this enhancement (ticket 836) allows this by easy way and fact it also handles ajax calls (because those are in CakePHP considered as 'bare' calls) have nothing to do with needs restrict some actions to 'internal' rendering. Excuse my English, please. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php -~----------~----~----~----~------~----~------~--~---
