[Zope-dev] Preventing scripts from being called directly

Chris Withers chris at simplistix.co.uk
Mon Aug 23 12:08:09 EDT 2004


Dario Lopez-Kästen wrote:
> because the scripts i use in conjunction with SUF and that return person 
> information are callable as http://server/acl_users/scriptname.

Oh, well those can be totally unavailable to everyone.
It seems the security machinery is bypassed at that stage in the game ;-)

> BTW, will SUF have support for FS-based scripts in the future?

It already does, see the section on subclass usage in the documentation 
and the tests...

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk



More information about the Zope-Dev mailing list