[Zope-dev] [RFClet]: What about the request method and the client side trojan?

Toby Dickenson tdickenson@geminidataloggers.com
Thu, 11 Apr 2002 14:55:14 +0100


On Thursday 11 April 2002 4:39 pm, Casey Duncan wrote:
>Toby Dickenson wrote:
>[snip]
>
>> 4. Change dtml to not allow <dtml-var someNonIdempotentMethod>, although
>> it should still allow <dtml-var "someNonIdempotentMethod()">
>
>Ahhh!
>
>How do you propose to do that? I see a lot of bruised foreheads
>resulting from this...

Really? <dtml-var someNonIdempotentMethod> only works with methods that take 
zero parameters (excluding self). The question is: how many zero parameter 
non-idempotent methods are there?

I have only been able to find one such method in the current Zope cvs, and I 
get similarly optimistic results in my products. 


>Likely very common.

So far I have only been checking with crude greps, so I could be wrong. Any 
chance you could spend a couple of minutes looking for an example to share?