[Zope-dev] RE: objectIds accessiblilty & and a proposal
Paul Erickson
erickson@kaivo.com
Mon, 18 Dec 2000 13:25:57 -0700
If it is an issue for XML-RPC users, maybe there should be a
"Traversable" permission on Folder objects that could default to not
allowing web-traversal, but allowing it to be enabled if desired.
Would this affect FTP access to folders?
-Paul
Brian Lloyd wrote:
>
> This is something that has come up before. I propose
> that the real problem here is that 'objectIds' should
> not be web-traversable.
>
> I have, in fact, proposed this before. It caused a bit
> of grumbling among people using xml-rpc, who were using
> objectIds remotely, so we never came to closure on it.
>
> This comes up often enough that I'm inclined to do
> something about it for 2.3. I propose that objectIds
> (and objectValues) will not be directly accessible
> via the Web in 2.3. For xml-rpc applications, it should
> be a simple enough task to create a Python Script (or
> even a DTML Method) that *is* Web accessible to relay
> that information if it is needed.
>
> Thoughts?
>
> Brian Lloyd brian@digicool.com
> Software Engineer 540.371.6909
> Digital Creations http://www.digicool.com
>
--
Paul Erickson | erickson@kaivo.com
Kaivo, Inc. | www.kaivo.com