-----Original Message----- From: Tom Schwaller [mailto:Tom.Schwaller@linux-magazin.de] Sent: Monday, June 07, 1999 5:19 PM To: zope@zope.org Subject: [Zope] Recursive aquisition: good or bad?
Hi all,
during the last 2 weeks I faced a massive performance problem with Zope because of a mistake I made setting relative links instead of absolute ones. I got things like:
/change/change/all/update/search/change
(different menu items clicked one after the other). Zope caches all this paths (is that correct?), so after a while Zope was very slow
Hmm.. this was a performance problem? I would guess it wouldn't be that much of a problem unless your paths got REALLY big.
(many people working with the pages quite a lot, during a hot production phase, so I got many different paths. Clearing the cache or restarting Zope "fixed" the problem)
After that I detected machines calling objects like
/issue1/article1/issue2/article3/news/index_html?newsid=500
although this kind of links do not appear when just surfing around (looks like search engines doing bad things)
So my question is: Is a link like
http://www.zope.org/Documentation/Information/Community/Information/QA
(which works) a feature or a bug of Zope?
It's 'featurish'. This kind of thing falls under the feature/bug anti-duality law. It's not a bug, because it's doing exactly the right thing, it's not a feature, because it's generally not very useful. I can imagine a situation somewhere in which it is useful (don't call my bluff) but I can also easily immagine situations in which it's not very useful at all (below).
The problem is, that nobody can forbid people to call such links, which is the problem I am facing right now (They just do it!). At least things like
/Documentation/Documentation/Documentation/Documentation
You can't forbid people, no, but you can prevent such paths from being constructed from *your* code. I don't think there is any kind of Denial of Server attack possible from this, a mild annoyance at best.
should not be allowed or did I miss some Zope Zen?
I think it should be allowed, and that the Zen be elaborated on a bit. You shouldn't design your site so that these things occur unless you really want it. -Michel