[Zope] Is there any way to turn off the publishing of external
methods to the web in Zope?
Andreas Jung
lists at zopyx.com
Fri Jan 26 10:35:58 EST 2007
--On 26. Januar 2007 10:29:08 -0500 "Mark, Jonathan (Integic)"
<jonathan.mark at integic-hc.com> wrote:
> I have an external method which uses eval(). I would like to prevent
> anyone from calling this method from inside a URL, e.g.,
> myzopesite/myexternalmethod?myvar=deletemyfiles()
>
> Rather, I wish for only Zope objects such as Python Scripts to be able to
> call this external method. Is there any way to turn off the publishing of
> external methods to the web in Zope?
The standard Zope security also apply to external method. Configure the View
permission according to your needs.
-aj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/zope/attachments/20070126/af50b98f/attachment.bin
More information about the Zope
mailing list