I do not secure _dev controllers, i just don't deploy them...
On 16 mai, 21:43, Fabien POTENCIER <[EMAIL PROTECTED]
project.com> wrote:
> The goal is to be secure by default, not to prevent people from doing
> stupid things ;)
>
> Fabien
>
>
>
> Frank Stelzer wrote:
> > Hi,
>
> > I have one question.
> > Where do you want to put the code with the ip check?
>
> > Directly in frontend_dev.php or will there be created
> > sfProdFrontWebController and sfDevFrontWebController classes?
>
> > When the code will be placed in *_dev.php files, there exists the risk
> > that a developer switches the constants of a prod controller to
>
> > define('SF_ENVIRONMENT', 'dev');
> > define('SF_DEBUG', true);
>
> > out of any debugging reasons or whatever.
>
> > In this case, the ip check will not be executed, because this file is
> > no native dev controller.
>
> > I know one has to be a little foolish doing so, but the risk is still
> > here....
>
> > Am 16.05.2008 um 18:53 schrieb Ian P. Christian:
>
> >> Fabian Lange wrote:
> >>> Hi *,
> >>> Interesting that there are so many replies.
> >>> Ill reply to the initial posting, cause I feel that I can't agree
> >>> on any
> >>> other.
>
> >> In that case... before we see a whole load of +1's for this thread -
> >> anyone have a -1 with any reason?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
-~----------~----~----~----~------~----~------~--~---
