[Zope3-dev] quoting cookies
Tres Seaver
tseaver@zope.com
20 Feb 2003 12:16:14 -0500
On Thu, 2003-02-20 at 12:04, Steve Alexander wrote:
>
> > I got interested in this thread because I'm trying to define patterns
> > that separate configuration from software. One pattern is that when a
> > spec leaves an important detail unresolved and enough people have
> > interpreted the spec differently, the implementation of that detail
> > should be configurable.
>
> I agree that it should be configurable, but on a per-cookie basis not a
> per-site basis, with urlquoting as the default.
>
> Tres proposes a per-site policy, given by a utility.
Chatting with Shane, I realized that it might need to be a view, as one
of the branchpoints might need to be HTTP_USERAGENT.
> I think that different subsystems (e.g. authentication, shopping
> basket...) may need to integrate with different external systems. So,
> using the same utility for all of these will not work.
Named utilities would allow that kind of flexibility, perhaps.
> I think that if you install a special authentication system that knows
> how to work with a particular external system, then it should handle the
> particular quoting requirements to work with that external system.
You think of this issue as "vertical"; in the absence of real use
cases, I can only say "horizontal". My real "line in the sand" is that
I *don't* want any argument twiddling in the API of the request object;
either it is configurable via component architecture mechanisms, or it
isn't, but the policy choice should not be wired into the "mechanism"
level.
Tres.
--
===============================================================
Tres Seaver tseaver@zope.com
Zope Corporation "Zope Dealers" http://www.zope.com