[Cubicweb] annotating divs with rql and vid

Adrien Di Mascio adrien.dimascio at logilab.fr
Thu May 24 17:09:41 CEST 2012


On 24/05/2012 16:03, Sylvain Thénault wrote:
> On 24 mai 14:51, Nicolas Chauvat wrote:
> While I see the benefit of the idea, I would like to warn about the
> following things:
>
> * We should be able to have cubicweb sites working without allowing
>    arbitrary rql to be given in http request. While this is a desired
>    feature of some site, and a powerful aspect of CW, some (corporate/public)
>    sites clearly want to disable this ability for obvious security
>    reason. Introducing the above proposal will make this harder if not
>    impossible.

This is indeed something to be kept in mind but I think it should not be 
so hard do deactivate the <div data-rql ...> generation on those sites. 
Do you foresee specific problems ?

> IMO all this should go in a deeper reflexion on how to handle properly
> the kind of stateful ui we want. Starting collecting current problems,
> use-cases and technical objectives would definitly be a good start.

+1 for uses-cases / problems / CWEP.


-- 
Adrien Di Mascio - LOGILAB, Paris (France).
Tél: 01.45.32.03.12
Formations - http://www.logilab.fr/formations
Développements - http://www.logilab.fr/services
Gestion de connaissances - http://www.cubicweb.org/



More information about the Cubicweb mailing list