Brian Lloyd wrote:
Are you talking about 'ProtocolAccessibility'? It's still
there (though Jim has done some rearranging of things there
lately)...
http://www.zope.org//Wikis/DevSite/Proposals/ProtocolAccessibility
So it is :-)
Comments are still welcome...
Chris
snip wishlist
I did have a proposal for just this on dev.zope.org, but I see someone
has deleted it :-(
cheers,
Chris
Are you talking about 'ProtocolAccessibility'? It's still
there (though Jim has done some rearranging of things there
lately)...
Brian Lloyd[EMAIL PROTECTED]
Steve Alexander wrote:
On a related issue, what about other dtml snippets that people generally
don't want as web accessible, such as standard_html_header ?
On my pie-in-the-sky zope wishlist:
snip wishlist
I did have a proposal for just this on dev.zope.org, but I see someone
has
Dieter Maurer wrote:
There are objects, that should be usable by Anonymous
inside DTML but should not be viewable over the
web (as they will only confuse).
All page components (such as "standard_html_header/footer")
fall into this category.
Totally agree... this has bugged
-Original Message-
From: Dieter Maurer [mailto:[EMAIL PROTECTED]]
Toby Dickenson writes:
... protocol specific access rights ...
Please No.
Zope security is complex enough without having to worry about
different security settings depending on how a method is accessed.
On Mon, 18 Dec 2000 14:11:51 -0500, "Brian Lloyd" [EMAIL PROTECTED]
wrote:
This is something that has come up before. I propose
that the real problem here is that 'objectIds' should
not be web-traversable.
I have, in fact, proposed this before. It caused a bit
of grumbling among people
Toby Dickenson writes:
... protocol specific access rights ...
Please No.
Zope security is complex enough without having to worry about
different security settings depending on how a method is accessed.
(And we should have a lower tolerance for complexity when it applies
to
If you type in http://www.zope.org/Members/objectIds you get a list of
all Members. Although it is a useful feature.. ;) .. I can't really
see why objectIds should be available for everyone, at any given time.
Is this a bug or a feature?
I was able to do this as anonymous on another
Brian Lloyd wrote:
This comes up often enough that I'm inclined to do
something about it for 2.3. I propose that objectIds
(and objectValues) will not be directly accessible
via the Web in 2.3. For xml-rpc applications, it should
be a simple enough task to create a Python Script (or
If it is an issue for XML-RPC users, maybe there should be a
"Traversable" permission on Folder objects that could default to not
allowing web-traversal, but allowing it to be enabled if desired.
Would this affect FTP access to folders?
-Paul
Brian Lloyd wrote:
This is something that has
Paul Erickson wrote:
If it is an issue for XML-RPC users, maybe there should be a
"Traversable" permission on Folder objects that could default to not
allowing web-traversal, but allowing it to be enabled if desired.
Would this affect FTP access to folders?
-Paul
I agree. That would
[Brian Lloyd]
| This comes up often enough that I'm inclined to do
| something about it for 2.3. I propose that objectIds
| (and objectValues) will not be directly accessible
| via the Web in 2.3. For xml-rpc applications, it should
| be a simple enough task to create a Python Script (or
|
Dieter Maurer wrote:
Steve Alexander writes:
On my pie-in-the-sky zope wishlist:
What I'd like is a new tab for zope objects that allows me to say which
protocols the object is accessible from, and what to do if not.
For example:
access route
13 matches
Mail list logo