[Seaside] Seaside and REST
Nevin Pratt
nevin at bountifulbaby.com
Wed May 2 17:12:34 UTC 2007
>
>
> http://www.bountifulbaby.com/seaside/index/home (executes the #home
> method of the component, which has been written to cause it to show
> the home page)
> or
> http://www.bountifulbaby.com/seaside/index/aboutus (executes the
> #aboutus method of the component, which has been written to cause it
> to show the "About Us" page)
>
> So you can see, I can actually start the app at an arbitrary point, by
> specifying the method name to execute as part of the URL (security is
> handled by requiring that the method name be present in the component
> under a specific and known method category name-- this stops people
> from being able to execute completely arbitrary methods via the URL,
> because the method to execute must be present in a specific method
> category).
>
I might also add that
http://www.bountifulbaby.com/seaside/index/home
is functionally equivalent to
http://www.bountifulbaby.com/seaside/index
which is functionally equivalent to
http://www.bountifulbaby.com
which is also functionally equivalent to
http://www.bountifulbaby.com/seaside/index/noneexistingmethod
(assuming, of course, that #noneexistingmethod really is a none-existing
method :-) )
They all do the same thing.
Nevin
More information about the Seaside
mailing list