cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivelin Ivanov <ive...@apache.org>
Subject Re: [RT] Flowmaps
Date Tue, 18 Jun 2002 12:21:01 GMT
Ovidiu Predescu wrote:
> On 6/17/02 11:22 PM, "Christian Haul" <haul@dvs1.informatik.tu-darmstadt.de>
> wrote:


> I actually like the way variables are automatically bound in WebObjects,
> where you have to explicitly define the automatic binding, by mapping an
> instance variable to a form parameter. I was thinking to follow a similar
> pattern, and have a way to specify that a given local variable in a function
> is to be bound to a form parameter. In WebObjects this association is
> totally under the control of the programmer, and the same way should be done
> in Cocoon.

XMLForm is already doing it.


> 
> Could this be a potential security problem?

I guess Christian suggests that a malicious attacker can pass parameters 
which will modify undesired parts of the model.





> 
> Greetings,
> Ovidiu
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org
> For additional commands, email: cocoon-dev-help@xml.apache.org
> 
> 



-- 

-= Ivelin =-


---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org
For additional commands, email: cocoon-dev-help@xml.apache.org


Mime
View raw message