On Friday 12 Apr 2002 7:19 pm, Jeffrey P Shell wrote: >that your proposal isn't up there (or the catalog is up to its old charms ;)
No, its not up there. >But now, does this mean I have to go through and tag every method that might >cause a state change? Or might not? You wont ever *have* to do anything to your own methods. You might *want* to, if you want the extra protection against client side trojans that this declaration will give. >Now that I'm understanding things more, I never call non-idempotent methods >(I hope I'm using that term right) from DTML anymore Me to. Thats why I was suprised to see the opposition. >Overall, I still don't know how I feel about the whole thing. It's good to >have Zope as secure as possible, but if putting that security makes it >suddenly much harder to develop for or upgrade to/for, I worry about the >support costs involved. Indeed. _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
