[Zope] Proposal: Include tino's patched <dtml-in> in future Z ope

Dieter Maurer dieter@handshake.de
Tue, 27 Feb 2001 22:14:14 +0100 (CET)


Toby Dickenson writes:
 > Lets put it in a context... suppose the example dtml was part of a search
 > results page on www.zope.org. The element of the sequence might be one of my
 > HOWTOs.
 > 
 > I am free to add any property to my HOWTOs. Therefore I can break the dtml
 > if I know what prefix it is using, by adding a property with the appropriate
 > name.
 > 
 > Everything is fine if you are happy with level of robustness, but please
 > remind me never to trust important data to your application.
Is that not a standard problem in the Zope context?

  If you access any object via acquisition or the DTML namespace,
  then the definition of a new property can break code:
  the property may be retrieved rather than an object
  formerly acquired, looked up deeper in the namespace.


Dieter