[Zope] Re: Re: [Security] How to encrypt a Zope oid ?
Jaroslav Lukesh
lukesh at seznam.cz
Mon Sep 15 06:06:47 EDT 2003
> Odesílatel: Sinclair <fred.duwez at freesurf.fr>
> OK, but with Zope, you can build a application controller who call decode
> parameters and call the real zope object. Or a simple page page
controller
> who encrypt his parameters :
>
> Example : a document has url :
> $ZOPE/.../document_manager/document_37.
>
> I wish the displayed url looks like :
> $ZOPE/.../document_manager?document=k2316fge54dsgb51v3vsdv4
>
> That is the document_manager who translates an unreadable parameter to
> document real url.
Unreadable? Not available... But you could use POST request method with use
of hidden form field. But I have tool for download these pages too. So you
will block only lamers, some search engines does hidden fields form
submitting too.
Regards JL.
More information about the Zope
mailing list