[Cubicweb] annotating divs with rql and vid
nicolas.chauvat at logilab.fr
Thu May 24 16:59:08 CEST 2012
On Thu, May 24, 2012 at 04:03:58PM +0200, Sylvain Thénault wrote:
> * We should be able to have cubicweb sites working without allowing
> arbitrary rql to be given in http request. While this is a desired
> feature of some site, and a powerful aspect of CW, some (corporate/public)
> sites clearly want to disable this ability for obvious security
> reason. Introducing the above proposal will make this harder if not
Does disabling urls built with view?rql=blabla&vid=someview means that you
disable facets ?
> * A lot of views are not only depending on the rql+vid couple, but also
> on additional, arbitrary, arguments. This is somewhat handled by facets
> currently but is imo not really fancy. This later pb could be handled
> by making views more easily self-contained, as recently done (at least
> partially) for table views.
This reminds me of the bookmarks. I just had a look at the code and it
does not work as I thought. There is a specific widget that allows to
edit the path attribute as if it were made of two parts.
logilab.fr - services en informatique scientifique et gestion de connaissances
More information about the Cubicweb