Reinhard Poetz pisze: > Grzegorz Kossakowski wrote: > > If we follow your arguments, we would also have to forbid passing > request attributes to sub requests. IMO this is too strict because this > would cause a lot of overhead, e.g. what about our flow implementations > that allow passing data objects ("bizdata" map) to the called pipeline > (though it isn't possible to call a servlet:/ URL directly ATM because > always the cocoon:/ protocol is used, but this restriction was > introduced long before the servlet:/ protocol was invented).?
Hmmm, I have not considered flowscript when I was formulating my opinion on this subject and it was an obvious mistake. Your argument is of course valid and it seems that the best compromise between functionality, performance and separation is to provide access to the data from parent request but in read-only mode. It means we should allow sub-request to access request attributes of calling request. When it comes to session (even in read-only mode) I'm very circumspect. I believe that the best strategy is to allow as less as possible that still enable us to make full use of servlet service capabilities. WDYT? -- Grzegorz Kossakowski Committer and PMC Member of Apache Cocoon http://reflectingonthevicissitudes.wordpress.com/