Martin Aspeli writes: > Daniel Nouri wrote: >> Hi (and sorry for cross-posting), >> >> I've fixed Skinny's problem of leaking Plone views like >> '/folder_listing' and friends. > > Just curious - how did you achieve this?
Using plone.postpublicationhook. Which is what I think you suggested at some point. The implementation allows anything that has gone through the main view (and thus has been marked as IPublicLayerOK), plus anything that has "/++resource++skinny/" in it. I've thought about whitelisting anything that doesn't have a header content type of "text/html" instead, but I guess both work equally well. http://dev.plone.org/collective/changeset/84413 -- http://danielnouri.org _______________________________________________ Product-Developers mailing list [email protected] http://lists.plone.org/mailman/listinfo/product-developers
