[Chameleon] html template processing

Paul Spencer pagameba at magma.ca
Fri Aug 6 14:02:52 EDT 2004 

This raises an interesting security issue (well, Daniel raised it).  I 
am currently thinking about how this could be abused and possible ways 
to prevent it.

Cheers,

Paul

Paul Spencer wrote:

> there is no exclude capability right now.  Its a very 
> straightforward/simplistic file-include capability with no attempt at 
> logic.
> 
> I think a discussion on possible uses could be very interesting though 
> ... one enhancement we did make was that the [# #] and [$ $] directives 
> are processed mulitple times now (i.e. until no more are found) which 
> allows recursive inclusion.  This opens up the possibility to do 
> something like:
> 
> [$toolset$]
> 
> and then pass something like:
> 
> toolset=[#../../general/html/tools_navigation.html#]
> 
> in the URL.  Having multiple include files with different combinations 
> could then be managed via the GET request to the page rather than having 
> to edit the page ...
> 
> Cheers,
> 
> Paul
> 
> bartvde at xs4all.nl wrote:
> 
>> Hi list,
>>
>> I have just started my first tour of the HTML snippets, it works great. I
>> have put all my general toolbars in a separate HTML file and use them in
>> the application templates through:
>>
>> [#../../general/html/tools_navigation.html#]
>>
>> etc.
>>
>> Is there any option to exclude tools from the separate HTML file with a
>> directive? That way I could generate a full set of tools and exclude them
>> in the application templates when needed. That would make content
>> management a bit simpler in my opinion.
>>
>> Something like:
>> [#../../general/html/tools_navigation.html#]
>> [#exclude BoundingBoxPopup#]
>>
>> Best regards,
>> Bart
>> _______________________________________________
>> Chameleon mailing list
>> Chameleon at lists.maptools.org
>> http://lists.maptools.org/mailman/listinfo/chameleon
>>
> 

-- 
  -----------------------------------------------------------------
|Paul Spencer                           pspencer at dmsolutions.ca   |
|-----------------------------------------------------------------|
|Applications & Software Development                              |
|DM Solutions Group Inc                 http://www.dmsolutions.ca/|
  -----------------------------------------------------------------

More information about the Chameleon mailing list