On Wed, 30 Nov 2005 22:44:03 +0100, Paul Reznicek <[EMAIL PROTECTED]> wrote:
Hi JP & co.,
I've just started playing with current ATHENA - very nice !!!
Hi Paul, thanks :)
Is there any deeper security reason to use the "allowedMethods" mapping in
addition to the simple fact that a fragment implements a method only if it is
necessary?
I'm wary of making it possible to accidentally expose a method to the client.
Without allowedMethods, it seems to be quite simple to accidentally expose
things. For example, with your patch, the following methods can be invoked by
the client on any LiveFragment:
get
rend
remember
rememberStuff
child
renderer
render_sequence
render_mapping
render_string
render_xml
render_data
macro
getBindingNames
getBinding
getDefault
postForm
In that list, only postForm looks particularly scary, and many of these take
objects which cannot currently be passed to methods by the client (i.e., the
context), but it is still quite a long list, and making it possible for the
client to call these methods seems unnecessarily risky to me.
If it seems okay to you, you can always create a LiveFragment subclass in your
project with the locateMethod implementation included in your patch and always
subclass that instead of LiveFragment.
With the above list of methods in mind, does it make more sense why
allowedMethods is present?
Jean-Paul
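An added illustration of the point above (this is not Nevow/Athena code; the class and method names are made up): a permissive locateMethod that resolves any callable attribute, beside one gated by an allowedMethods mapping, plus a helper that lists which methods a client could reach under each.

```python
# Added illustration (not Nevow/Athena code): two ways a server-side fragment
# can decide which of its methods a browser client may invoke over RPC.

class PermissiveFragment:
    """Resolves ANY callable attribute: the 'implement it and it is exposed'
    approach the thread warns about. Hypothetical class."""

    def remember(self, obj):  # framework helper, never meant for the client
        self.remembered = obj
        return "remembered"

    def postForm(self, data):  # framework helper, never meant for the client
        return f"posted {data!r}"

    def echo(self, text):  # the one method the author intended to expose
        return text.upper()

    def locateMethod(self, name):
        method = getattr(self, name, None)
        if method is None or not callable(method):
            raise AttributeError(name)
        return method


class AllowListedFragment(PermissiveFragment):
    """Same methods, but only names present in allowedMethods are reachable.
    Hypothetical; mirrors the allow-list idea discussed in the thread."""

    allowedMethods = {"echo": True}

    def locateMethod(self, name):
        if not self.allowedMethods.get(name):
            raise PermissionError(f"method {name!r} is not exposed to the client")
        return super().locateMethod(name)


def dispatch(fragment, name, *args):
    """Server-side entry point for a client RPC call (hypothetical)."""
    return fragment.locateMethod(name)(*args)

def reachable_methods(fragment, names):
    """Return which of the given method names the client can actually invoke."""
    out = []
    for n in names:
        try:
            fragment.locateMethod(n)
        except (AttributeError, PermissionError):
            continue
        out.append(n)
    return out
```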
_______________________________________________
Twisted-web mailing list
[email protected]
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web