I've attached a patch to the same ticket that creates a generate:controller task with options to support what is currently hard-coded into the generate:app task. I believe this is a more extensible implementation.
http://trac.symfony-project.com/ticket/2352 http://trac.symfony-project.com/attachment/ticket/2352/sfGenerateControllerTask.diff Cheers, Kris On Jun 9, 2008, at 6:05 AM, Fabian Lange wrote: > Hello, > Okay, I have applied a patch to 1.1: > http://trac.symfony-project.com/changeset/9489 > Thanks Thomas for the basename hint, i overlooked this (dunno why) > > I still think its not perfect but should help quite a lot and should > also really easy to fix for those which feel bothered by it. > Only side note here: it will make upgrade to 1.2 harder if front > controllers shall be modified again > .: Fabian > > On Sat, Jun 7, 2008 at 11:32 AM, Ian P. Christian > <[EMAIL PROTECTED]> wrote: > > Fabian Lange wrote: > > Hello, > > I put a proposed patch to > > http://trac.symfony-project.com/attachment/ticket/2352/secure_dev.patch > > but there are some issues that remain: > > a) Do we change this in 1.0 (proposal: no) > Agreed. > > b) Do we update the controllers on upgrade (proposal: no) > Agreed. > > c) Where in the documentation should we talk about it? > Chapter 3 > > d) Could putting more into the controller be a problem? What about > > later upgrades. Kris already said that we should not allow much > > editing in the files. > > e) Where is the generate:controller task. Is the absence intended? > > f) is a die without ipcheck a possible better solution? > Hmm.. maybe - Whatever we put there, I personally think there should > be > a line that links to a wiki page about securing your dev controller - > which has a whole load of snippets for doing it on various web > servers. > If we have a die() there by default - maybe we shouldn't create a _dev > at all by default? Perhaps a generaet:controller task is better... > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
