Just a quick word of warning: You're now essentially passing unfiltered user input directly into the template loader. Depending on what content you have in your templates, this may imply a security risk. For instance, if you have a template that hard-codes any secure information, such as system account information or settings or whatever, and someone happens to guess the name of that template, the URL pattern you're using would allow them to pull up that template directly, even if you have authentication protecting the view that normally accesses it.
Keep in mind, though, that this would only pull up the private template, not the private view. So it would load the template with a different context, and would probably not render very well. All the same, any content that's hard-coded directly in the template, rather than being pulled from the context, is fair game for an attacker to access. Consider something like this instead: #in urls.py def easy_template(name): return (r'^%s/$' % name, direct_to_template, {'template': '%s.html' % name}) urlpatterns = patterns('', (r'^$', direct_to_template, {'template':'home.html'}), easy_template('compliance-bsa'), easy_template('compliance-audits'), easy_template('bsa-audits'), easy_template('compliance-officer'), ) That way, you get to work some DRY magic, while still being able to explicitly declare exactly which templates are accessible through this scheme. That's untested, by the way, but it should work. -Gul --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---