On 6 July 2012 14:09, Richard Harley <rich...@scholarpack.com> wrote:
> On Zope 2.10 is there a simple/universal way to only allow python scripts to
> be called by DTML methods or other python scripts and not directly TTW?

You can check that the script is not the published object with:

    if container.REQUEST['PUBLISHED'] is script:
        raise 'Forbidden'

For newer versions of Zope raise an exception object:

    from zExceptions import Forbidden
    if container.REQUEST['PUBLISHED'] is script:
        raise Forbidden('Script may not be published.')

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to