[Zope-dev] Re: names starting with '@' are not reserved
yuppie
y.2006_ at wcm-solutions.de
Mon Mar 13 14:02:19 EST 2006
Hi Paul!
Paul Winkler wrote:
> On Mon, Mar 13, 2006 at 07:06:28PM +0100, yuppie wrote:
>> I'm concerned about the people we encourage to use Five technology.
>> Views are a major feature of Five. Should we warn people not to use
>> views? Or instruct them how to patch Zope 2 to protect views against
>> being masked by content IDs?
>
> Or just document a warning that content whose ids begin with @@ can mask
> views?
>
> I'm wondering if this is a case of "Doctor, it hurts when I do this..."
It's quit common that normal users of Zope applications are allowed to
add content. You can educate programmers, but you can't solve a problem
like this by educating (sometimes untrusted) users. They can easily
screw up a Zope app by overriding important views. And if they can do it
some (untrusted) users will do it.
Cheers,
Yuppie
More information about the Zope-Dev
mailing list