cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralph Goers" <Ralph.Go...@dslextreme.com>
Subject Re: [RT] since we are at it, more irons in the template fire: Xenon
Date Wed, 08 Dec 2004 20:22:31 GMT
Glen Ezkovich said:
> On Dec 8, 2004, at 11:10 AM, Stefano Mazzocchi wrote:
>>
>> I think we should call our CTemplates taglibs "lenses" instead.
>
> Call them what you will. It doesn't change the core issue. If "lenses"
> allow you access databases, send emails, invoke business methods, etc.
> you still are inviting JSP/XSP like abuse, albeit, syntacticly not as
> ugly. It is not what you want to use them for, but what they can be
> used for and how they are introduced into the system that lead to
> potential problems.

Actually, I always thought that taglibs were the "good part" of JSPs.  It
is the fact that you can code Java in them that makes them dangerous.  If
one can control what tag libraries are available and not allow java code
in the template then SOC is possible.  Of course, a tag library that
allows you to code a select statement as a parameter would be awful, but
you can't control everything in life.

Ralph


Mime
View raw message