cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joerg Heinicke <>
Subject Re: Possible security problem with flowscript
Date Wed, 20 Oct 2004 18:57:21 GMT
On 20.10.2004 20:07, Carsten Ziegeler wrote:

> IMHO it is simply wrong to continue a script in a 
> sitemap where it hasn't been declared - and as soon as the flow script tries
> to address relative resources it won't work anyway.

But how should binding a continuation to the sitemap solve the problem? 
You are always forced to divide your application into two parts (i.e. 
sitemaps), one that is protected, one unprotected. Or am I wrong?


View raw message