Hello, I put a proposed patch to http://trac.symfony-project.com/attachment/ticket/2352/secure_dev.patch but there are some issues that remain: a) Do we change this in 1.0 (proposal: no) b) Do we update the controllers on upgrade (proposal: no) c) Where in the documentation should we talk about it? d) Could putting more into the controller be a problem? What about later upgrades. Kris already said that we should not allow much editing in the files. e) Where is the generate:controller task. Is the absence intended? f) is a die without ipcheck a possible better solution?
.: Fabian On Fri, May 30, 2008 at 1:03 PM, Fabian Lange < [EMAIL PROTECTED]> wrote: > I can do that. > > .: Fabian > > > On Fri, May 30, 2008 at 12:06 PM, Ian P. Christian <[EMAIL PROTECTED]> > wrote: > >> >> Ian P. Christian wrote: >> > I want to hear from you all as to what you think the best method for >> > securing the default _dev files - I will not suggset anythign now, as I >> > want to present a blank slate. >> > >> >> I think we've all agreed that this needs implementing, and will be done >> by modifying the init-app task (or most likely the skeleton file) so >> that IP restrictions are put in place by default. >> >> Does anyone have time to implement this for the sf1.1 release? >> Unfortunatly work has me busy with non symfony stuff at the moment. >> >> >> >> > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
