[TYPO3-templavoila] Giving the TO as a GET/POST parameter
Dmitry Dulepov
typo3 at fm-world.ru
Wed Mar 15 19:31:07 CET 2006
Hi!
Jean-Baptiste Rio wrote:
> I'm not convinced by your example, because they'are so much ways to do
> such "errors" in typoscript that i don't believe that we've to protect
> users against a misuse of what we provide.
This is not comparable. Ts is not open to anyone like browser's query
string.
> My idea was to allow the webmaster to select a set of allowed TO in the
> whole list of TO linked to the selected DS. In that case, if he chooses
> to open a security breach by allowing an admin TO, it's his choice, not
> a bug in the function.
You can do it in your own extension if you want but I will insist that
this is a wrong way.
Dmitry.
--
"It is our choices, that show what we truly are,
far more than our abilities." (A.P.W.B.D.)
More information about the TYPO3-project-templavoila
mailing list