[Zope-dev] Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-04 Thread Evan Simpson
From: Chris Withers [EMAIL PROTECTED] Only if you add security declarations to expose functionality from xmlrpclib. Is that hacky and nasty? :-S In Zope 2.3, you place the following code somewhere that it will get executed at startup (a custom Product's __init__ is the best bet): from

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Chris Withers
Dieter Maurer wrote: Jim Washington writes: Can I keep this from happening? html_quote does not seem to be in the Python Method namespace. Please help lobbying that the functionality of all "dtml-var" attributes are exposed as standard functions. The functions are there already,

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Morten W. Petersen
[Chris Withers] | I'll second this. It'd be _so_ nice... | | ever wanted to do: | | dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))" I totally agree. -Morten ___ Zope maillist - [EMAIL PROTECTED]

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Chris Withers
Erik Enge wrote: [Chris Withers] | dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))" What about security issues? Wouldn't this also allow those methods to be called TTW by any user? No. Even if it did, what harm would it do? cheers, Chris

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Erik Enge
[Chris Withers] | dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))" What about security issues? Wouldn't this also allow those methods to be called TTW by any user? ___ Zope maillist - [EMAIL PROTECTED]

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Erik Enge
[Chris Withers] | Even if it did, what harm would it do? Denial of Service attacks was what I though of. But it's a non-issue I guess. ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Evan Simpson
From: Chris Withers [EMAIL PROTECTED] dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))" Well, in Python Scripts at least, you can do:: from Products.PythonScripts.standard import special_formats url_quote = special_formats['url-quote'] return url_quote("OK?") It's not great,

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Chris Withers
Evan Simpson wrote: From: Chris Withers [EMAIL PROTECTED] dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))" Well, in Python Scripts at least, you can do:: from Products.PythonScripts.standard import special_formats Hmmm... can you do something similar to perform an