[Zope-CMF] Re: [dev] CMF 2.0 browser views and Five traversal
Paul Winkler
pw_lists at slinkp.com
Wed Mar 8 17:00:38 EST 2006
On Wed, Mar 08, 2006 at 10:52:09PM +0100, yuppie wrote:
> You could access the edit view with 'edit.html' instead of
> '@@edit.html', but that has a major drawback: View names are not
> protected in any way if used without '@@'. You can easily screw up your
> site by adding content with the ID 'edit.html'.
Could you elaborate? Does "not protected" mean that security
is bypassed??? or what?
--
Paul Winkler
http://www.slinkp.com
More information about the Zope-CMF
mailing list