IRC log of #zope for Monday, 2011-05-16

*** MrTango has quit IRC00:31
*** davisagli has quit IRC01:01
*** davisagli has joined #zope01:03
*** trustedsage has joined #zope01:05
*** tiwula has joined #zope01:21
*** alga has quit IRC01:31
*** davisagli has quit IRC01:35
*** davisagli has joined #zope01:35
*** Arfrever has quit IRC01:48
*** menesis has quit IRC01:53
*** srichter has quit IRC02:22
*** srichter has joined #zope02:23
*** lewellyn has joined #zope04:33
* lewellyn peers in04:33
lewellynanyone know where to find versions of ZSyncer prior to 1.0.0? :P04:34
lewellynoh hah. found the version i needed. :D04:36
lewellynhrmpfh. i remember why i dislike ZSyncer's older versions now :P04:59
* lewellyn sighs04:59
lewellyngrr. guess i get to do this by hand.05:10
*** digitalmortician has quit IRC05:39
*** pjfd4 has joined #zope05:57
*** srichter has quit IRC06:03
*** srichter has joined #zope06:10
*** sm has quit IRC06:38
CIA-89tyam * r121668 z3c.form/src/z3c/form/locales/ (ja ja/LC_MESSAGES/z3c.form.po ja/LC_MESSAGES): added Japanese translation06:42
*** trustedsage has quit IRC06:42
*** trustedsage has joined #zope06:43
*** trustedsage has quit IRC06:44
*** trustedsage has joined #zope06:44
*** thetrustedsage has joined #zope06:54
*** trustedsage has quit IRC06:55
*** thetrustedsage has quit IRC07:25
*** tiwula has quit IRC07:25
*** zagy1 has quit IRC08:03
*** alexpilz has joined #zope08:10
*** alexpilz has quit IRC08:18
*** zagy has joined #zope08:25
*** ccomb has joined #zope08:27
*** pjfd4 has quit IRC08:29
*** wosc has joined #zope08:44
*** wosc has quit IRC08:46
*** wosc has joined #zope08:46
*** __mac__ has joined #zope09:07
*** agroszer has joined #zope09:15
*** shastry has quit IRC09:19
*** supton has joined #zope09:21
*** tisto has joined #zope09:28
*** MrTango has joined #zope09:34
*** supton has quit IRC09:48
*** yvl has joined #zope10:04
*** slackrunner has joined #zope10:07
*** planetzopebot has quit IRC10:08
*** planetzopebot has joined #zope10:09
*** shastry has joined #zope10:09
*** alga has joined #zope10:13
*** srichter has quit IRC10:14
*** humanfromearth has joined #zope10:20
*** humanfromearth has left #zope10:25
*** goschtl has joined #zope10:26
*** hever has joined #zope10:33
*** mgedmin has quit IRC10:36
*** mgedmin has joined #zope10:36
*** srichter has joined #zope10:37
*** altipard has joined #zope10:38
*** hever has quit IRC11:00
*** __mac__ has quit IRC11:05
*** hever has joined #zope11:15
*** sylvain has joined #zope11:21
*** mr_jolly has joined #zope11:23
*** menesis has joined #zope11:29
CIA-89janwijbrand * r121669 martian/src/martian/tests/ fix an encoding issue with reading the directive.txt doctest11:30
*** mitchell`off is now known as mitchell`11:34
*** goschtl has quit IRC11:46
*** goschtl has joined #zope11:51
*** TomBlockley has joined #zope11:54
*** slackrunner_ has joined #zope12:01
*** slackrunner has quit IRC12:01
*** slackrunner_ is now known as slackrunner12:01
*** altipard has quit IRC12:22
*** Wu has joined #zope12:24
*** evilbungle has joined #zope12:47
*** teix has joined #zope12:47
*** __mac__ has joined #zope13:00
*** eperez has joined #zope13:09
*** thevishy has joined #zope13:26
CIA-89janwijbrand * r121670 martian/CHANGES.txt: update changelog13:28
thevishyI am sending a request from a JS to Zope ...
thevishyHow to access this element / values in Zope213:31
thevishyThis is JSON data ( sent from TinyMCE editor)13:31
betabugyou need something to decode json13:32
betabugthevishy: there used to be a product called ZTinyMCE13:32
betabugwhich does TinyMCE integration13:32
thevishythis is new tinymce version (3.4.2)13:33
betabughmm, download link is gone :-(13:33
thevishyso we are creating a new product13:33
thevishyHow to see this raw JSON in request object, what is the attribute name13:35
betabugdo a POST like that to a "Script (Python)" object you create and in the python script do a print context.REQUEST; return printed13:36
betabugthen you can look at all the request stuff and see where it turns up13:36
thevishyok, will try13:36
thevishybetabug: it didn't turn up :(13:41
*** svenn has joined #zope13:42
betabughmm, no idea then13:42
*** svenn has quit IRC13:44
thevishyRight , we need to pull the data at the server side13:44
*** svenn has joined #zope13:44
betabugmaybe look at this code:
betabugit's a bit old, but maybe it gives you some ideas13:46
*** svenn has quit IRC13:46
*** svenn has joined #zope13:46
thevishywill look into that13:47
*** menesis has quit IRC13:51
*** menesis1 has joined #zope13:51
*** menesis1 is now known as menesis13:51
thevishyIt looks like some monkey patch is required for ZPublisher.HTTPRequest.HTTPRequest13:53
thevishyhow to move forward, modify jsonserver2 or is there any other alternative14:00
betabugno idea, what zope products are you working with? do you really need Zope 2?14:01
betabugvery few new projects use Zope 214:02
*** menesis has quit IRC14:03
thevishybetabug: it's an old product14:03
thevishyZope 2 based14:03
betabugah, ok14:05
betabugwell, can't help you really, never had to do json on zope14:05
*** m8 has joined #zope14:07
thevishythanks its a bit old product basically , needs to be continued14:08
*** m8 has quit IRC14:09
betabugyeah, I've got a few of that myself :-)14:10
*** m8 has joined #zope14:12
koshbetabug: what is sad is that even though very few new projects use zope 2 there is pretty much nothing else out there with a remotely comparable security track record14:15
koshmost have more security exploits in a week then zope does in a year14:15
koshpyramid could be good if people set it to fail closed but the default is fail open but at least it is a one line change14:16
koshthe default for all other web frameworks I know is fail open which is just a security disaster14:16
thevishyHow about Django ?14:16
betabughey kosh14:16
koshfail open14:16
betabugkosh: the "fail open" in pyramid is in "development mode"?14:17
koshfail open means all access is allowed unless explicitely denied, fail closed means that all access is denied unless specifically allowed14:17
*** goschtl has quit IRC14:17
koshbetabug: not it is a default security policy and when I looked the default security policy was allow but a one line change would make it default to deny14:17
koshso pyramid looks like it could be used for fail closed with a trivial one time change14:18
koshstill should not be required though14:18
koshbut devs are used to fail open because it is easier to get started14:18
koshthey can just hurl anything they want and the system and it kind of works without any config14:18
*** tisto is now known as tisto|lunch14:18
betabugnot good in production though14:18
koshwhich is also why they have such horrible security track records14:19
koshI was reading a page on rails security recently that someone showed me14:19
koshand rails has a lot of basic security issues that even zope from 10 years ago did not have14:19
*** Wu has quit IRC14:19
koshsome default configuration for how it does CRUD is also sql injectable14:20
koshso the docs where recomending that people don't do the processing in some default way14:20
koshit just seems that we keep getting new framework after new framework with all kinds of features to make it much faster and lower server load to exploit your server ;)14:21
koshso with the newest framework you can write far less code and get your exploitable server up and running in record time!14:21
*** thevishy has quit IRC14:21
koshalso while we may make fun of plone a lot for being slow, using lots of memory and being massively heavy in code that thing is like a god for security compared to the other cms14:23
betabugeven if the crackers get in totally, they have to move so slow the police will arrive and arrest them in time14:24
koshI may not like it very much but they did take security fairly seriously and built on a good foundation at least14:24
koshzope 2 is pretty good at keeping people out, it is the greatest advantage it has14:25
koshwhat annoys me about grok is that grok is fail open14:25
koshoverall pyramid looks like the best upgrade path right now14:28
betabugpyramid looks good14:30
koshand you could still use zeo with it along with many other zope 2 technologies14:31
betabuglots of concepts work the same14:31
betabugthere is less "included in the box", but ok14:31
betabugthere will be more shopping around in the pypi bins, but then you maybe get what you really want14:32
koshI expect it to take a lot more work then just using zope 2.x though unfortunately14:32
betabugyeah, could be14:32
koshhowever it looks like you could at least build a remotely secure system14:33
koshheh probably end up with a standard pyramid buildout of a bunch of normal things and call it pyramid.zope2  :)14:33
*** benji has joined #zope14:37
koshsee you freaks later14:44
*** svenn has quit IRC14:45
*** kleist has joined #zope14:51
*** menesis has joined #zope15:12
*** menesis has quit IRC15:17
*** menesis has joined #zope15:32
*** tisto|lunch is now known as tisto15:42
*** m8 has quit IRC15:48
*** hever has quit IRC15:51
*** kleist_ has joined #zope15:53
*** kleist has quit IRC15:57
*** pjfd4 has joined #zope16:00
*** thetet has joined #zope16:07
*** thetet has left #zope16:09
CIA-89jfroche * r121671 /Sandbox/gotcha/five.taskqueue/trunk/ (src/five/taskqueue/ docs/HISTORY.txt): Avoid code to stop thread and set the default value for variable before exception16:17
CIA-89jfroche * r121672 /Sandbox/gotcha/z3c.taskqueue/trunk/ (docs/HISTORY.txt src/z3c/taskqueue/ Avoid thread to stop if there is an error in processNext16:17
*** hever has joined #zope16:19
*** sm has joined #zope16:19
*** sp0cksbeard has joined #zope16:21
*** wosc has quit IRC16:29
*** ccomb has quit IRC16:53
*** ccomb has joined #zope17:07
*** ccomb1 has joined #zope17:10
*** ccomb has quit IRC17:12
smlewellyn: any use ? just how old is your zope ?17:15
*** thetet has joined #zope17:19
*** alga has quit IRC17:24
*** Wu has joined #zope17:32
*** Gogo|gui has joined #zope17:43
*** Gogo|gui has quit IRC17:53
*** alvaro_o has joined #zope18:02
*** tisto is now known as tisto|away18:04
*** webmaven has quit IRC18:04
*** alvaro_o has quit IRC18:04
teixkosh: take note that already exists a repoze.zope2 package out there :)18:06
teixkosh: in other proposes though18:06
*** zagy has quit IRC18:13
*** Arfrever has joined #zope18:16
*** cwarner has joined #zope18:19
*** alga has joined #zope18:22
*** agroszer has quit IRC18:35
*** tisto|away is now known as tisto18:41
*** __mac__ has quit IRC18:43
*** daMaestro has joined #zope18:49
*** thetet has left #zope18:54
*** m8 has joined #zope19:01
*** supton has joined #zope19:05
*** zagy has joined #zope19:06
*** Gogo|gui has joined #zope19:08
*** sm_ has joined #zope19:19
*** sm has quit IRC19:22
*** sm_ is now known as sm19:22
*** sm_ has joined #zope19:24
*** sm has quit IRC19:27
*** sm_ is now known as sm19:27
CIA-89jfroche * r121673 /Sandbox/gotcha/z3c.taskqueue/trunk/ (docs/HISTORY.txt Preparing release 0.1-alpha-419:28
CIA-89jfroche * r121674 /Sandbox/gotcha/z3c.taskqueue/tags/0.1-alpha-4: Tagging 0.1-alpha-419:28
CIA-89jfroche * r121675 /Sandbox/gotcha/z3c.taskqueue/trunk/ (docs/HISTORY.txt Back to development: 0.1-alpha-519:28
CIA-89jfroche * r121676 /Sandbox/gotcha/five.taskqueue/trunk/ (docs/HISTORY.txt Preparing release 0.1-alpha-319:28
CIA-89jfroche * r121677 /Sandbox/gotcha/five.taskqueue/tags/0.1-alpha-3: Tagging 0.1-alpha-319:28
CIA-89jfroche * r121678 /Sandbox/gotcha/five.taskqueue/trunk/ (docs/HISTORY.txt Back to development: 0.1-alpha-419:28
CIA-89ldr * r121679 Products.ZCatalog/ (2 files in 2 dirs): Substitute catalog entry in UUIDIndex error message.19:28
CIA-89janwijbrand * r121680 grokproject/grokproject/template/ (4 files in 2 dirs): there was an inconsistency where the various logfiles we placed. fixed the situation by consistenly use the intended "{buildout}/var/log" location throughout.19:28
CIA-89janwijbrand * r121681 grokproject/CHANGES.txt: update changelog19:28
*** tiwula has joined #zope19:32
*** zagy1 has joined #zope19:37
*** zagy has quit IRC19:37
*** Gogo|gui has quit IRC19:41
*** Gogo|gui has joined #zope19:49
*** sylvain has quit IRC19:50
*** Wu has quit IRC19:54
*** kleist__ has joined #zope19:54
*** kleist_ has quit IRC19:58
*** kleist__ has quit IRC20:02
*** __mac__ has joined #zope20:04
*** __mac__ has quit IRC20:04
*** agroszer has joined #zope20:06
*** Gogo|gui1 has joined #zope20:07
*** Gogo|gui has quit IRC20:07
*** eperez has quit IRC20:10
*** mitchell` is now known as mitchell`off20:13
*** menesis has quit IRC20:14
*** TomBlockley has quit IRC20:15
*** TomBlockley has joined #zope20:18
*** srichter has quit IRC20:34
*** srichter has joined #zope20:35
*** TomBlockley has quit IRC20:41
*** zagy has joined #zope20:47
*** zagy1 has quit IRC20:47
*** tisto has quit IRC20:52
*** Gogo|gui1 has quit IRC21:09
*** agroszer has quit IRC21:12
*** __mac__ has joined #zope21:14
*** menesis has joined #zope21:20
*** menesis has quit IRC21:25
*** zagy1 has joined #zope21:27
*** zagy has quit IRC21:27
*** agroszer has joined #zope21:27
*** pjfd2 has joined #zope21:35
*** pjfd4 has quit IRC21:36
*** menesis has joined #zope21:38
*** supton_ has joined #zope21:57
*** teix has quit IRC21:59
*** supton has quit IRC22:00
*** supton_ has quit IRC22:01
*** webmaven has joined #zope22:01
*** supton has joined #zope22:07
*** evilbungle has quit IRC22:13
*** Gogo|gui has joined #zope22:22
*** Gogo|gui has quit IRC22:28
*** agroszer has quit IRC22:31
*** menesis has quit IRC22:35
*** zagy has joined #zope22:37
*** zagy1 has quit IRC22:37
*** Gogo|gui has joined #zope22:56
*** __mac__ has quit IRC23:00
*** __mac__ has joined #zope23:00
*** zagy has quit IRC23:10
*** __mac__ has quit IRC23:13
*** Gogo|gui has quit IRC23:13
*** John[a] has joined #zope23:16
*** trustedsage has joined #zope23:18
*** hever has quit IRC23:20
*** Gogo|gui has joined #zope23:24
*** Gogo|gui has quit IRC23:55

Generated by 2.15.1 by Marius Gedminas - find it at!