Mark, Jonathan (Integic) wrote at 2007-1-26 10:29 -0500: >I have an external method which uses eval(). I would like to prevent anyone >from calling this method from inside a URL, e.g., >myzopesite/myexternalmethod?myvar=deletemyfiles() > >Rather, I wish for only Zope objects such as Python Scripts to be able to call >this external method. Is there any way to turn off the publishing of external >methods to the web in Zope?
When you do not want that a object is called from the Web, you have too options: give it a non 'None' 'index_hmtl' (then this 'index_html' is called and can tell that this object must not be called directly) or give it an empty '__doc__'. The ZMI does not give you a way to do this, but you can do it in an interactive Python interpreter accessing your storage directly (under *nix: "bin/zopectl debug"). -- Dieter _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )