On Thu, January 26, 2006 10:05 am, Ted Husted said:
>   ** To enable the interface, a developer can set the Controller
> attribute to TRUE. Otherwise, we break backward compatibility, and we
> would need to increment the major version number.
>
> * Like many other things, if we rolled the major version number on
> this codebase, we'd change the default to TRUE to enforce the
> preferred behavior. But, for a minor release, we shouldn't force
> everyone to change perfectly good actions that already check
> isCancelled.

IMO, *any* solution which does not change the default behavior is
pointless.  As I've said before, we are talking about something that is a
security concern, to whatever degree (and the degree is debatable, as
we've seen in this thread).  Not changing the default behavior does not
address that concern as far as I can see.  To repeat my past analogy, this
would be like Microsoft releasing a patch for a security hole but leaving
the hole open by default until a developer flips a switch to close it.

I realize changing the default behavior breaks backwards-compatibility,
but backwards-compatibility should never trump security.  I also realize
this has implications for version numbers and even implications for what
happens in the future, but I think these are sacrifices that need to be
made in the name of plugging a potential security hole.

Also, I just want to be sure everyone is on-board not only with fixing
this in 1.3 but in the 1.2.x branch as well.  Much of the discussions
about the solution that I've seen look to revolve around 1.3, and I just
want to be sure no one is dismissing patching the 1.2.x branch as well.

> -Ted.

Frank
