improving policy matching WAS: Re: [Yanel-dev] WARNING: Security
issue re TinyMCE integration
simon
simon at 333.ch
Thu Jan 6 20:50:32 CET 2011
>
> We are currently working on further improving this, whereas there are
> several possibilities to do so and
> we will send a follow-up email in order to discuss on how to best
> proceed.
as discussed off-list there are several points which came to our mind
- rc-map allows request-parameter matching (this way editors would be
called on exactly the same path as the to edited content and the
additional request parameter is matched by rc-map.). this would NOT
solve the problem of multiple usecases under one path. i think this
would be important anyway.
-add some chain-of-responsibility pattern matcher (similar to the
rc-map) to the policy system. this would NOT solve the problem of
multiple usecases under one path. but probably a good idea anyway.
- invent some communication between YanelServlet and the current
resource (e.g. UsecaseableV1). to ask/tell about the current usecase.
this would allow to solve the problem of multiple usecases under one path.
WDOT?
cheers
simon
>
> Thanks
>
> Michael
More information about the Yanel-development
mailing list