Fabian Lange wrote: > Hello, > I put a proposed patch to > http://trac.symfony-project.com/attachment/ticket/2352/secure_dev.patch > but there are some issues that remain: > a) Do we change this in 1.0 (proposal: no) Agreed. > b) Do we update the controllers on upgrade (proposal: no) Agreed. > c) Where in the documentation should we talk about it? Chapter 3 > d) Could putting more into the controller be a problem? What about > later upgrades. Kris already said that we should not allow much > editing in the files. > e) Where is the generate:controller task. Is the absence intended? > f) is a die without ipcheck a possible better solution? Hmm.. maybe - Whatever we put there, I personally think there should be a line that links to a wiki page about securing your dev controller - which has a whole load of snippets for doing it on various web servers. If we have a die() there by default - maybe we shouldn't create a _dev at all by default? Perhaps a generaet:controller task is better...
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
