I was looking at the virginia sample application, and I have a few
questions:
- What mechanism protects the application from viewing the /../ dir?
I know the open method from Filesystem checks the path before opening a
file, but that doesn't explain that when going to the url http://localhost:6543/../ , I am redirected to http://localhost:6543/../ .
- Is there a reason so many interfaces are used? IFilesystem is never
referenced outside of Filesystem, and IStructuredText isn't even
implemented.
> I was looking at the virginia sample application, and I have a few
> questions:
> - What mechanism protects the application from viewing the /../ dir?
> I know the open method from Filesystem checks the path before opening a
> file, but that doesn't explain that when going to the url http://localhost:6543/../
> , I am redirected to http://localhost:6543/../ .
I'm afraid the example doesn't defend against relative '..' at all.
> - Is there a reason so many interfaces are used? IFilesystem is never
> referenced outside of Filesystem, and IStructuredText isn't even
> implemented.
> Thanks for helping me understand that.
The pattern of registering views and adapters against interfaces, rather than directly against classes, goes back to our Zope-ish roots. I think some of those interfaces are actually left over from the time when Chris re-wrote 'repoze.kiss' to function as a BFG-based application: in 'repoze.kiss', there were real views registered for all the interfaces.
Tres.

--
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software "Excellence by Design" http://palladion.com
> The pattern of registering views and adapters against interfaces, rather
> than directly against classes, goes back to our Zope-ish roots. I think
> some of those interfaces are actually left over from the time when Chris
> re-wrote 'repoze.kiss' to function as a BFG-based application: in
> 'repoze.kiss', there were real views registered for all the interfaces.
Historical reasons? That's what I thought. But, as it's used as an
example application, wouldn't it be less confusing for newcomers to
"clean" the application from the bits that aren't useful any more, in
order to get a minimal working example? If that's a good idea, I
volunteer.
On Wed, 2011-03-02 at 02:21 -0800, Georges Dubus wrote:
> On 1 mar, 23:00, Tres Seaver <tsea...@palladion.com> wrote:
> > I'm afraid the example doesn't defend against relative '..' at all.
> That's what I would have thought, but http://localhost:6543/../
> redirects to http://localhost:6543/ (sorry, typo in the previous
> message). I thought this had something to do with virginia, but it
> seems that the ".." is interpreted earlier in the framework. In fact,
> it looks like it's the expected behaviour for a URL (just try:
> http://groups.google.com/group/pylons-devel/../../.. )
In a traversal-based application, Pyramid recomputes all '..' segments from the path at ingress, computing a traversal path before the application ever sees it.
> > The pattern of registering views and adapters against interfaces, rather
> > than directly against classes, goes back to our Zope-ish roots. I think
> > some of those interfaces are actually left over from the time when Chris
> > re-wrote 'repoze.kiss' to function as a BFG-based application: in
> > 'repoze.kiss', there were real views registered for all the interfaces.
> Historical reasons? That's what I thought. But, as it's used as an
> example application, wouldn't it be less confusing for newcomers to
> "clean" the application from the bits that aren't useful any more, in
> order to get a minimal working example? If that's a good idea, I
> volunteer.
That'd be fine by me, if you can work up a pull request.
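An added illustration (not code from the virginia app or from Pyramid itself) of the two layers discussed in this thread: the ingress folding of '..' segments that Tres describes, modelled here as `traversal_segments`, and the containment check that a Filesystem.open-style method should still perform, modelled as `safe_open_path`. `ROOT` is a constructed placeholder directory and all three names are assumptions.

```python
import os
from urllib.parse import unquote

# Constructed placeholder for the served directory; it need not exist,
# because the containment check below only normalises paths.
ROOT = "/tmp/virginia_example_root"


def traversal_segments(url_path):
    """Fold a URL path into traversal segments the way a traversal-based
    framework does at ingress: split on '/', decode each segment, drop
    empty and '.' segments, and let '..' pop the previous segment. It can
    never climb above the root, which is why '/../' lands on '/'."""
    segments = []
    for raw in url_path.split("/"):
        segment = unquote(raw)
        if segment in ("", "."):
            continue
        if segment == "..":
            if segments:
                segments.pop()
            continue
        segments.append(segment)
    return tuple(segments)


def safe_open_path(root, url_path):
    """Map the folded segments onto the filesystem and return the resolved
    path only if it stays inside root, else None. This is the check a
    Filesystem.open-style method should still make: a '%2f' decoded inside
    one segment survives ingress folding as part of a literal segment name,
    so the ingress step alone does not confine the filesystem path."""
    real_root = os.path.realpath(root)
    joined = os.path.join(real_root, *traversal_segments(url_path))
    candidate = os.path.realpath(joined)
    if candidate == real_root or candidate.startswith(real_root + os.sep):
        return candidate
    return None
```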