On Wed, 2011-12-14 at 00:41 -0800, rihad wrote: > Hi, Chris. Since Deform doesn't mention CSRF, I assume it must be done > by another session-based plugin at the discretion of the developer? > Like, opt-in security? :)
http://deformdemo.repoze.org/pyramid_csrf_demo/ Maybe you could tone down the snark ala "like, opt-in security"? It's pretty off-putting. > Also, the docs say that some form controls rely on JS being available. > That's understandable, like in the case of date-time controls. Still > it would be great if the generated HTML targeted both JS-on and JS-off > users via <noscript>. Like a fuzzy scripted date widget vs. simple > combo-boxes to do the same thing. It doesn't out of the box, but you can register your own widgets for schema types if you really need to: http://docs.pylonsproject.org/projects/deform/en/latest/widget.html - C -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
