[Zope-dev] [RFClet]: What about the request method and the client side trojan?
Brian Lloyd
brian@zope.com
Wed, 10 Apr 2002 12:07:07 -0400
> >> should not accept REQUESTs with REQUEST_METHOD "GET".
>
> >This is hard, hard, problem. While some good ideas have been
> >proposed, there is not really a quick fix that doesn't have
> >some downside that some group somewhere considers a
> >showstopper :(
>
> I agree Olivers suggestion is not a total solution, but does it have a
> showstopper problem?
Only if you happen to have an application deployed and might
ever want to upgrade your Zope installation without having to
do a total code audit :^)
Brian Lloyd brian@zope.com
V.P. Engineering 540.361.1716
Zope Corporation http://www.zope.com