[quills-dev] Topic container security issue
Tim Hicks tim at sitefusion.co.ukSun Feb 24 13:37:58 UTC 2008
- Previous message: [quills-dev] Topic container security issue
- Next message: [quills-dev] Topic container security issue
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Clayton Parker wrote: > I had mentioned an issue with > __allow_access_to_unprotected_subobjects__ in certain situations to > tim2p on irc. Looking into it further I think I've solved it. I > tried to run the tests on trunk but they are broken at the moment. :(. I wasn't aware that there are test failures on trunk. That shouldn't be the case. > I'm sending this email to see if there are any problems with what I've > done. > > Here is the error I was receiving: > http://paste.plone.org/19698 > > Here is the fix I checked in: > http://dev.plone.org/collective/changeset/59287 The change looks innocuous enough, but should we add a getId method that returns the (now) private _id attribute? More generally, I don't really understand what the cause of the issue was, or whether it was really Quills' fault. I mean, I'm not aware of 'rules' about not having 'id' attributes on objects in plone. Are we just side-stepping something more fundamental? Tim
- Previous message: [quills-dev] Topic container security issue
- Next message: [quills-dev] Topic container security issue
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the quills-dev mailing list