Re: [Zope] unicode, zmi, utf-8, management_page_charset and default-zpublisher-encoding
Hi Dieter, Dieter Maurer wrote: > Joerg Baach wrote at 2007-5-24 15:28 +0100: >> ... >> I am not sure here, but it looks to me that just using utf-8 constantly >> might suffice for 'just' storing, modifying and indexing- or am I >> missing something? > > Sure, this is a possibility. You are then using "utf-8" encoded strings > rather than unicode itself. You lose a bit of ease when interfacing with > systems that do not use "utf-8". Ok, I think I will live with that. Thanks a lot! Cheers, Joerg ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Zope 2, local python script security
On 5/23/07, David H <[EMAIL PROTECTED]> wrote: I have a (zope 2.8.8-final) folder that gives users with the role "Authenticated" the following Permissions: --- . access contents . view - note: no webDav or FTP access is allowed --- Playing around with wget and curl I find I can (with proper authentication) download the "published" but not raw source of zpt and python files available in the folder. So, for example, the script "\folder\pyDate" returns '2007/05/23' not its source, e.g. # module: pyDate from DateTime import DateTime return DateTime().Date() This is the behavior I want - as we have a requirement to keep source secure. I realize that source in Zope-Instance/Extensions is the most secure but I'm interested in local script security. I am not sure what your question is, you didn't state any. I am guessing that you want to know if there is any way Authenticated could get at the source anyway. The answer to that question is: no, unless users have additional permissions they cannot see the sourcecode of DTML and Python scripts. -- Martijn Pieters ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] help with detecting mime_type
--On 24. Mai 2007 11:31:17 +0100 Alan <[EMAIL PROTECTED]> wrote: Dears, In my external method I can get mime_type = file.headers.headers[1].split()[1] and then my code proceed based on which mime type was identified for the file uploaded. What happens now is that a user uploading a tgz file from a Windows platform and then my code did not identify it as a application/x-gzip-compressed or similar (it gets application/octet-stream). As far as I understood from this case, such mime type info is passed by user's system (where Windows usually is not aware of tar.gz, tgz etc format) rather than being set by zope server. AFAIK..all Zope types derived from OFS.File or OFS.Image are using OFS.contenttypes.guess_content_types()...if the 'content-type' header isn't available. Otherwise Zope will use it. -aj pgpMsaCGABmdo.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] help with detecting mime_type
Dears, In my external method I can get mime_type = file.headers.headers[1].split()[1] and then my code proceed based on which mime type was identified for the file uploaded. What happens now is that a user uploading a tgz file from a Windows platform and then my code did not identify it as a application/x-gzip-compressed or similar (it gets application/octet-stream). As far as I understood from this case, such mime type info is passed by user's system (where Windows usually is not aware of tar.gz, tgz etc format) rather than being set by zope server. So since I was not aware of that, my question is: does anyone know a better and reliable way of identifying a file mime type (or a file format) independent from which platform/browser it is submitted? I realise I can use a conditional for checking extension file name in addition to mime type detection. But I would go for that only if I cannot find anything fairer. Many thanks in advance. Alan -- Alan Wilter S. da Silva, D.Sc. - CCPN Research Associate Department of Biochemistry, University of Cambridge. 80 Tennis Court Road, Cambridge CB2 1GA, UK. http://www.bio.cam.ac.uk/~awd28<< ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
