If it is an issue for XML-RPC users, maybe there should be a
"Traversable" permission on Folder objects that could default to not
allowing web-traversal, but allowing it to be enabled if desired.
Would this affect FTP access to folders?
-Paul
Brian Lloyd wrote:
>
> This is something that has come up before. I propose
> that the real problem here is that 'objectIds' should
> not be web-traversable.
>
> I have, in fact, proposed this before. It caused a bit
> of grumbling among people using xml-rpc, who were using
> objectIds remotely, so we never came to closure on it.
>
> This comes up often enough that I'm inclined to do
> something about it for 2.3. I propose that objectIds
> (and objectValues) will not be directly accessible
> via the Web in 2.3. For xml-rpc applications, it should
> be a simple enough task to create a Python Script (or
> even a DTML Method) that *is* Web accessible to relay
> that information if it is needed.
>
> Thoughts?
>
> Brian Lloyd [EMAIL PROTECTED]
> Software Engineer 540.371.6909
> Digital Creations http://www.digicool.com
>
--
Paul Erickson | [EMAIL PROTECTED]
Kaivo, Inc. | www.kaivo.com
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
