Andreas Hucks wrote: > That might be possible to spoof... I actually intended it the other way > around - the system checks if the server running the script is a > development machine, not if the client issuing the request is.
Sometimes you also need to be able to use the dev environment on the production machine. I think we need to think about the problem with all environments in mind, not only the dev environment. There is nothing special about the dev environment except the fact it's created by default. Also, we need to keep in mind that there are a lot of possible deployment strategies: FTP, rsync, checkout, ... and a lot of possible server softs and configuration. So, the solution must take all those things into account. Fabien > > Andreas > > [EMAIL PROTECTED] schrieb: >> I second this. This could be useful as a setting for applications as >> well. Like putting all backend-stuff in a separate app, and then >> require specific IP's for access. It seems natural to provide this >> kind of functionality as an environment-dependent setting, preferably >> with customizeable fallback: >> >> prod: >> .secure_access: >> allow: //list ip's >> disallow: //list ip's >> fallback: //name of environment || app || url || none >> (404/500) >> >> Regards, Gunnar >> >> On May 16, 2:55 pm, Andreas Hucks <[EMAIL PROTECTED]> wrote: >>> Improvement: make "dev_hosts" an array for development on multiple machines. >>> >>> Andreas Hucks schrieb: >>> >>>> How about having a setting "dev_host" or something in security.yml or >>>> other config. If the server executing the script does not match >>>> dev_host, symfony either won't execute the dev environment at all, or >>>> revert back to prod. >>>> That way, it defaults to "don't execute dev", and cannot be overlooked >>>> by accident when uploading. >>>> Cheers, >>>> Andreas >>>> Ian P. Christian schrieb: >>>>> I want to hear from you all as to what you think the best method for >>>>> securing the default _dev files - I will not suggset anythign now, as I >>>>> want to present a blank slate. >>>>> I will implement the solution we finally agree on. >>>>> Thoes that want to help please let me know. > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
