RE: read the map:parameter parameters

Tue, 09 Sep 2003 12:52:05 -0700 

> but it IS secure because all cocoon: URLs are internal only and cannot
> be accessed with a browser request.

I believe that the URIs are internal and hence secure only if you match them
in an internal *pipeline*. You need to specify this explcitely at the
pipeline level with the 'internal-only' attribute:

<map:pipeline internal-only="true">
  <map:match pattern="Search/find">
    ...
    </map:match>
</map:pipeline>

Olivier


-----Message d'origine-----
De : Tim Olson [mailto:[EMAIL PROTECTED]
Envoy� : mardi, 9. septembre 2003 21:09
� : '[EMAIL PROTECTED]'
Objet : RE: read the map:parameter parameters


i'm no expert, but isn't it as simple as:
<map:match pattern="Search/find">
  <generate src="{role}/blah/blah"/>
  ...
</map:match>

also, you said
> <map:generate src="cocoon://Search/find?role=myrole/>
>
> but this is not very secure cause everyone could set the role in which
> he want want to search!

but it IS secure because all cocoon: URLs are internal only and cannot be
accessed with a browser request.


> -----Original Message-----
> From: Frederic Gaus [mailto:[EMAIL PROTECTED]
> Sent: Monday, September 08, 2003 5:05 AM
> To: [EMAIL PROTECTED]
> Subject: read the map:parameter parameters
>
>
> hi all!
>
> maybe it is trivial - but I don't get it...
>
> I have a pipeline like this:
>
> <map:match pattern="search">
>   <map:generate src="cocoon://Search/find">
>     <map:parameter name="role" value="myrole"/>
>   </map:generate>
>   <map:transform src=".."/>
>   ...
> </map:match>
>
> in the pipeline cocoon://Search/find I want to read out this
> parameter..
> how do I do this?? I think with the module request-param it is not
> possible...
>
> of cause I could write something like
>
> <map:generate src="cocoon://Search/find?role=myrole/>
>
> but this is not very secure cause everyone could set the role in which
> he want want to search!
>
> Who can help me
>
> Thank you
>
> Freddy
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to