[Zope3-Users] Re: AW: View or content provider

Stephan Richter srichter at cosmos.phy.tufts.edu
Tue Jul 17 08:08:56 EDT 2007


On Monday 16 July 2007 19:32, Daniel Nouri wrote:
> > I do not recommend using views for content that is only
> > used inside a template. Because "context/@@viewname"
> > is also traversable as a real view and will probably show
> > up in google.
>
> How would it show up in Google?  Google bots don't try arbitrary URLs, they
> follow links.
>
> Using ordinary views for parts of a HTML page works perfectly for me.

It works at the cost of security. How do you know that noone will figure out 
those views? And how do you know that they are properly secured, if you never 
test them standalone? This might not be too problematic for a single project, 
but would you like to install a package and suddenly get all those views that 
you do not know whether they are properly secured and may reveal sensitive 
information? I can tell you that some of my clients do care about this!

Regards,
Stephan
-- 
Stephan Richter
CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student)
Web2k - Web Software Design, Development and Training


More information about the Zope3-users mailing list