-
-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue 242: add an @interfaces expandable endpoint #414
Conversation
2 similar comments
👍 LGTM I wonder if exposing all those interface names publicly may lead to unwanted information disclosure. |
Yeah... during the training we wondered if we could restrict somehow the list of exposed interfaces, or at least set a list of known-good-set of interfaces, and expose just them... |
docs/source/interfaces.rst
Outdated
Interfaces | ||
========== | ||
|
||
Getting the interfaces provided by the current context: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@erral we usually try to add a short introduction to non-Plone devs what this documentation section is about. E.g. a short introduction what interfaces are, maybe with a link to the Plone docs.
I share your concerns about the public visibility of the interfaces. Nevertheless they are needed, at least to know the navigation contexts when the front-end wants to build the global navigation for instance. @ebrehault any comment on this? |
e4cf414
to
5671b33
Compare
What would you recommend as a way of restricting who has access to this? |
So, what is the problem with exposing? Does exposing information about interfaces - and so about installed add-ons and other internals - give attackers hints about possible vulnerabilities outside of the core? But also FTI info and other endpoints expose that information. I doubt it a problem, but I would love to hear opposing opinions. |
In PloneHotfix20161129 we removed the docstrings of lots of zope.interface methods and attributes to avoid 'publishing' them, that is making them available for browsers to call. See zopefoundation/Zope#81. In some cases they could really be used for potential harm (setting values), in others it was: better safe than sorry. Just giving the name of interfaces should be fine. But it does give you info about an object that is useful for a UI but also for potential hackers. |
caaa388
to
2239ae6
Compare
2239ae6
to
d855284
Compare
What is the state here? Do we want it or not? If not and hence there was no activity for a long time, I propose to close this PR within next two weeks. If you do not feel OK with this, please speak up and provide us a rough schedule. |
@jensens it is something we definitely want. Though, there are lots of things to consider and to discuss. I'd prefer to keep it open. Maybe something that can be discussed at one of the next sprints this year... |
This one got forgotten. Is it still valid or meanwhile superseded? |
I am closing this because the main reason for this, the navigation root thing, has been fixed using another endpoint. If we need to expose the interfaces in the future we can use this code as an inspiration, but we do not need this right now. |
See #242