10 Apr
2002
10 Apr
'02
4:45 p.m.
From: "Oliver Bleutgen" <myzope@gmx.net>
I was thinking more of something like adding the checks individually to each method in stock zope for which it is appropriate.
Brian is of course right in his other mail by stating that this might and will break custom products which use the wrong method, but I wouldn't call a global s/method='GET'/method='POST'/g ( SCNR ;-) ) a code audit. It might be also made customizable via a command line switch to z2.py in the beginning, with default to off.
This would be a huge task. My gut feeling is that it is a lot of work for very little benefit, although I don't really have any arguments to back that up with.