On Thursday 30 May 2002 10:29 am, Lennart Regebro wrote:

> It not only sounds good, but it is good.No, it' is fantastic. Amazing.
> Totally unbelivingly great! It's one of the best and main features of Zope.

Is anyone relying on your site to provide information? How do you test your 
site to make sure that every possible url (not just the ones you link to) do 
not give out misinformation.

Some specific problems that I have encountered:

1. Content that crosses between virtual hosts.

If two different virtual hosts come from the same zope then it is possible to 
construct a URL so that content from one site appears under the hostname (and 
https certificate!) of another.

2. A page that uses a mix of context and containment

If a page is built up with some content found from its context, and other 
content from containment, then it is possible to construct a URL so that 
apparently related information comes from unrelated objects.  Imagine a 
medical imaging database, where it was possible for a page do display the 
wrong patient name above an image.

My conclusions are:

a. implicit acquisition is dangerous

b. acquisition that searches outside the containment hierarchy is evil.

Im not keeping up with Zope 3 development..... how does Zope 3 handle 

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to