Lobbying (was: [Zope] html_quote in python methods?) - Zope - Zope lists

newer
Re: [Zope] First Project

Lobbying (was: [Zope] html_quote in python methods?)

older
Re: Re: [Zope] Re: decline...

Dieter Maurer

3 Jan 2001 3 Jan '01

10:12 a.m.

Jim Washington writes:

Can I keep this from happening? html_quote does not seem to be in the Python Method namespace. Please help lobbying that the functionality of all "dtml-var" attributes are exposed as standard functions.

The functions are there already, just not exposed to DTML and PythonScripts. Dieter

Reply

Sign in to reply online Use email software

Show replies by date

Chris Withers

3 Jan 3 Jan

11:26 a.m.

New subject: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Dieter Maurer wrote:

Jim Washington writes:

...
Can I keep this from happening? html_quote does not seem to be in the Python Method namespace. Please help lobbying that the functionality of all "dtml-var" attributes are exposed as standard functions.

The functions are there already, just not exposed to DTML and PythonScripts.

I'll second this. It'd be _so_ nice... ever wanted to do: <dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))"> :-) Chris

Reply

Sign in to reply online Use email software

morten＠esol.no

1 p.m.

New subject: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

[Chris Withers] | I'll second this. It'd be _so_ nice... | | ever wanted to do: | | <dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))"> I totally agree. -Morten

Reply

Sign in to reply online Use email software

Erik Enge

1:19 p.m.

New subject: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

[Chris Withers] | <dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))"> What about security issues? Wouldn't this also allow those methods to be called TTW by any user?

Reply

Sign in to reply online Use email software

Chris Withers

1:27 p.m.

New subject: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Erik Enge wrote:

[Chris Withers]

| <dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))">

What about security issues? Wouldn't this also allow those methods to be called TTW by any user?

No. Even if it did, what harm would it do? cheers, Chris

Reply

Sign in to reply online Use email software

Erik Enge

1:52 p.m.

New subject: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

[Chris Withers] | Even if it did, what harm would it do? Denial of Service attacks was what I though of. But it's a non-issue I guess.

Reply

Sign in to reply online Use email software

Evan Simpson

3:24 p.m.

New subject: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

From: Chris Withers <chrisw@nipltd.com>

<dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))">

Well, in Python Scripts at least, you can do:: from Products.PythonScripts.standard import special_formats url_quote = special_formats['url-quote'] return url_quote("<OK?>") It's not great, but it's something. Cheers, Evan @ digicool & 4-am

Reply

Sign in to reply online Use email software

Chris Withers

3:27 p.m.

New subject: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Evan Simpson wrote:

From: Chris Withers <chrisw@nipltd.com>

...
<dtml-call "somemethod(absolute_url()+urlquote(_.getitem(id))">

Well, in Python Scripts at least, you can do::

from Products.PythonScripts.standard import special_formats

Hmmm... can you do something similar to perform an XML-RPC call into another Zope instance? cheers, Chris

Reply

Sign in to reply online Use email software

9224

Age (days ago)

9224

Last active (days ago)

7 comments

5 participants

tags

participants (5)

Chris Withers
Dieter Maurer
Erik Enge
Evan Simpson
morten＠esol.no