Reed O'Brien added the comment:
Working toward a perfect email regex is pretty much a fool's errand.
The colander RE would miss my name reed.o'br...@reedobrien.com :( The
formencode one would allow my apostrophe :) but alas both would also allow
invalid emails: reed
On Feb 1, 2010, at 12:36 PM, Paul Everitt wrote:
>
> On Feb 1, 2010, at 12:35 PM, Tres Seaver wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Joan Miller wrote:
>>> Does anybody could write a little example about how to set up a
>>> MongoDB (through Ming [1]) data store with
On Sep 13, 2009, at 1:59 PM, Chris Rossi wrote:
> This looks reasonable. I think it would also be reasonable to just
> make this the standard 'view' functionality, since afaict the
> current functionality is a subset of this.
+1 for adding the attributes/functionality below as options to the
On Jul 6, 2009, at 11:13 PM, Tim Hoffman wrote:
> Hi Chris
>
> Thats awesome I think the docs story is getting really good for repoze
> and I personally think repoze.bfg is a good solution on app engine.
>
> For those interested here is the site (svfalf.appspot.com) that I have
> been working on
On Jul 6, 2009, at 10:42 PM, Tim Hoffman wrote:
> Hi all
>
> Thanks guys, I thought I was going mad,
>
> All your responses made it look easy to find this info which worried
> me as I am big on rtfm
> so I went back to the site to try and find the xmlrpc doc and again
> couldn't find it.
>
> Here
On Jul 6, 2009, at 9:23 PM, Tim Hoffman wrote:
> Hi
>
> I seem to remember seeing on this list (or somewhere else on the net
> ;-) an example of using zcml
> to specify an xmlrpc view ( - probably not explaining it well here )
> but the for the life of me
> I can't find such a thing anywhere , I
On Jul 6, 2009, at 9:23 PM, Tim Hoffman wrote:
> Hi
>
> I seem to remember seeing on this list (or somewhere else on the net
> ;-) an example of using zcml
> to specify an xmlrpc view ( - probably not explaining it well here )
> but the for the life of me
> I can't find such a thing anywhere , I
Finished a once over the API docs.
Possible nit:
location.html#repoze.bfg.location.locate
I don't like locate as the name for the function as I expect it to
find me something rather than make something location aware.
I would expect it o be something like emplace, set, put or something.
I
On May 12, 2009, at 12:17 PM, Chris McDonough wrote:
> On 5/12/09 12:00 PM, Malthe Borch wrote:
>> 2009/5/12 Chris McDonough:
>>> If we ever do release an 80%-compatible publisher replacement, we
>>> should call it
>>> something other than "repoze.zope2".
>>
>> I doubt if we're really talking 8
On May 11, 2009, at 4:45 AM, bfg-build...@securactive.org wrote:
> The Buildbot has detected a failed build of py2.6-64bit-linux on
> Repoze BFG trunk.
> Full details are available at:
> http://bfg.buildbot.securactive.orgbuilders/py2.6-64bit-linux/builds/3
Bad link, should have a slash betwee
On Apr 27, 2009, at 1:31 PM, Reed O'Brien wrote:
On Apr 27, 2009, at 1:18 PM, Chris McDonough wrote:
I'm actually having a bit of trouble naming those things. At first
they were
called "plugin types", then "provides types", then finally
"component
On Apr 27, 2009, at 1:46 PM, Chris McDonough wrote:
> On 4/27/09 1:42 PM, Paul Everitt
>>
>>> In response to the original question, it seems that everyone is on
>>> board with factoring out genshi and xslt to add-on packages and
>>> leaving just chameleon.zpt as the one template system that ships
On Apr 27, 2009, at 1:18 PM, Chris McDonough wrote:
> On 4/27/09 5:19 AM, Malthe Borch wrote:
>> I realize this documentation[1] is still in progress; yet, here are
>> some comments, posted to the list to maybe encourage some kind of
>> debate (since it's likely that there will be several consume
On Apr 27, 2009, at 12:41 PM, Malthe Borch wrote:
> 2009/4/27 Reed O'Brien :
>> +0 I think it is OK to have a default one. Think "hello world".
>
> Devil's advocate here, but:
>
>>>> print "Hello world"
>
> You kind of don't
On Apr 27, 2009, at 12:22 PM, Chris Rossi wrote:
> In my opinion, all templating should be add-ons in BFG.
+0 I think it is OK to have a default one. Think "hello world".
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/l
On Mar 27, 2009, at 1:10 AM, Malthe Borch wrote:
2009/3/26 Reed O'Brien :
But google's search is a GET request; which should be idempotent and
shouldn't need CSRF protection.
True that.
Right you could have a ticket system, but is it really necessary for
the general si
On Mar 26, 2009, at 10:55 AM, Malthe Borch wrote:
2009/3/26 Reed O'Brien :
I still think you need to use a second form specific header/cookie.
So you
can be sure that the form being submitted isn't stale. I don't
think it wise
to use an already existing session; as an ins
On Mar 26, 2009, at 10:21 AM, Malthe Borch wrote:
2009/3/26 Reed O'Brien :
I thought it was less about authenticating the user; more about
verifying
that the requestor POSTing a form was the same requestor that
requested a
form.
Right, but authentication is one way of identify
On Mar 26, 2009, at 6:14 AM, Malthe Borch wrote:
2009/3/26 Wichert Akkerman :
Is that safe? Isn't there a risk of that csrf cookies persisting
longer
than the auth session?
The assumption with the CSRF vulnerability is that there *is* a cookie
that authenticates the user. If it had expired,
19 matches
Mail list logo
