[Zope-Coders] Re: [ZPT] CVS: Zope/lib/python/ZTUtils - Tree.py:1.8
Jamie Heilman
jamie@audible.transient.net
Thu, 3 Oct 2002 20:08:46 -0700
Martijn Pieters wrote:
> Are you telling me that you are going to use a tree that is 5000 nodes deep,
> all expanded? You'll have greater problems with the resulting cookie not
> fitting into any browser limit anywhere. Not a likely scenario, no?
No. I'm saying a single step, or 1 SimpleTreeNode.id, with a length
of 5000. Your conditional code will allocate that length (unless
there's some snazzy tricks going on behind the scenes with the *
operator) over again for the test. Browser limits aren't relevant,
DoS tools don't follow protocol standards. More the point though, is
there a downside to only testing the only first character? Yes I can
hand you a bogus string of node id's and depth encodings, but by doing
so, can I make anything bad happen? If not, then testing only the
first character should be more efficient. If so, well then, lets fix
it.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Paranoia is a disease unto itself, and may I add, the person standing
next to you may not be who they appear to be, so take precaution."
-Sathington Willoughby