[Zope3-dev] Re: URLs & Paths
Tim Hoffman
timhoffman@cams.wa.gov.au
12 Dec 2001 14:41:38 +0800
I gotta say say the .../contact/view;acquire business really makes me
worried.
I know I must be missing heaps here, but doesn't this mean
that we are making the behaviour of acquisition visible and therefore
invokeable from outside the system, (ie just by the inclusion or removal
of an argument in a URL.) Could this not lend itself to exploits.
Tim
On Wed, 2001-12-12 at 14:10, sean.bowman@acm.org wrote:
> hi,
>
> > To get the contact "view" presentation, you'd use:
> >
> > .../aContact/view;view
> >
> > where here the name "view" names both a specific presentation
> > component and the presentation namespace.
>
> I don't quite understand this. Why is the "view" there twice? And what
> exactly is a "presentation namespace?" The word "namespace" makes me
> think of referring to names in the view component that are defined in the
> content, but that doesn't seem to be what's going on here.
>
> > Let me try to clarify. To me, "acquire" means find something in a
> > place/context. Component lookup is always placeful.
>
> I don't exactly understand this, either; there seems to be some tension
> between the use of ";acquire" as in ".../aContact/foo;acquire" and the
> statement above. If "foo" is a component and component lookup is
> placeful, why do we have to add an explicit instruction to ";acquire" ?
>
> Sean
>
>
>
>
> _______________________________________________
> Zope3-dev mailing list
> Zope3-dev@zope.org
> http://lists.zope.org/mailman/listinfo/zope3-dev