Quoting Mark Stosberg <suppressed>:
> What about supporting a more direct format,
>
> like /My-CamelCaps/
>
> I don't think a dash is a valid option in a module name, so it should
> work fine here. This should allow support for any module names.
I haven't looked at the actual implementation of this new module yet (time
constraints), but it looks very interesting to me.
I have a few concerns though. If a style like the above is used, what will stop
a maliscious user from loading and executing any module installed on the system?
/Mail-Send/send/
I'm not saying it would be easy to do, but there may be an exploitable hole that
you are opening up. I guess the exploitable module would need a 'run' method,
but it is possible...
Perhaps the configuration should include a base namespace that is valid. Using
your example, the base namespace could be 'My' and in the pathinfo you could
have /CamelCaps-Update/ which would resolve to the class 'My::CamelCaps::Update'.
Cheers,
Cees
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/suppressed/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.