You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@velocity.apache.org by Paulo Gaspar <pa...@krankikom.de> on 2002/04/20 22:14:00 UTC
They used Velocity (www.onjava.com)
http://www.onjava.com/pub/a/onjava/2002/04/17/wblogosj2ee.html
Have fun,
Paulo Gaspar
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: They used Velocity (www.onjava.com)
Posted by "Geir Magnusson Jr." <ge...@optonline.net>.
On 5/2/02 7:47 AM, "Paulo Gaspar" <pa...@krankikom.de> wrote:
>> How are you restricting access to the ClassLoader? We've been
>> worrying about $ref.getClass().getClassLoader() ...
>>
>> I'm unsure how to draft a policy file which only applies to Velocity.
>
> Well, that is not a problem at my company.
>
> But you probably could use the new custom introspection to take care
> of that.
>
> (Right Geir???)
>
:)
Yes, actually. I am using it in Jexl to do that exact thing - constrain
introspection from getting any method of Object except toString(). That
nips a good bit of it.
I'll roll that back into velocity/contrib when done.
--
Geir Magnusson Jr. geirm@optonline.net
System and Software Consulting
Java : the speed of Smalltalk with the simple elegance of C++...
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: They used Velocity (www.onjava.com)
Posted by Paulo Gaspar <pa...@krankikom.de>.
> How are you restricting access to the ClassLoader? We've been
> worrying about $ref.getClass().getClassLoader() ...
>
> I'm unsure how to draft a policy file which only applies to Velocity.
Well, that is not a problem at my company.
But you probably could use the new custom introspection to take care
of that.
(Right Geir???)
Hmmm, that thing is even more useful than I thought!
=:o)
Have fun,
Paulo Gaspar
> -----Original Message-----
> From: dlr@despot.finemaltcoding.com
> [mailto:dlr@despot.finemaltcoding.com]On Behalf Of Daniel Rall
> Sent: Thursday, May 02, 2002 11:25 AM
> To: Velocity Developers List
> Cc: paulo.gaspar@krankikom.de
> Subject: Re: They used Velocity (www.onjava.com)
>
>
> "Paulo Gaspar" <pa...@krankikom.de> writes:
>
> > They were wise.
> >
> > At my company Velocity was the only templating mechanism that the
> > designers really enjoyed and used with no problems and almost with
> > no help... and we tried several.
> >
> > (BTW: I think XSLT was the most hated.)
> >
> >
> > We to are planning to give customer control to some templates on
> > some sites. Can you guess what is the obvious template engine
> > choice?
>
> How are you restricting access to the ClassLoader? We've been
> worrying about $ref.getClass().getClassLoader() ...
>
> I'm unsure how to draft a policy file which only applies to Velocity.
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: They used Velocity (www.onjava.com)
Posted by Daniel Rall <dl...@finemaltcoding.com>.
"Paulo Gaspar" <pa...@krankikom.de> writes:
> They were wise.
>
> At my company Velocity was the only templating mechanism that the
> designers really enjoyed and used with no problems and almost with
> no help... and we tried several.
>
> (BTW: I think XSLT was the most hated.)
>
>
> We to are planning to give customer control to some templates on
> some sites. Can you guess what is the obvious template engine
> choice?
How are you restricting access to the ClassLoader? We've been
worrying about $ref.getClass().getClassLoader() ...
I'm unsure how to draft a policy file which only applies to Velocity.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: They used Velocity (www.onjava.com)
Posted by Paulo Gaspar <pa...@krankikom.de>.
They were wise.
At my company Velocity was the only templating mechanism that the
designers really enjoyed and used with no problems and almost with
no help... and we tried several.
(BTW: I think XSLT was the most hated.)
We to are planning to give customer control to some templates on
some sites. Can you guess what is the obvious template engine
choice?
Have fun,
Paulo Gaspar
http://www.krankikom.de
http://www.ruhronline.de
> -----Original Message-----
> From: Geir Magnusson Jr. [mailto:geirm@optonline.net]
> Sent: Saturday, April 20, 2002 10:18 PM
> To: Velocity Developer's List
> Subject: Re: They used Velocity (www.onjava.com)
>
>
> On 4/20/02 4:14 PM, "Paulo Gaspar" <pa...@krankikom.de> wrote:
>
> > http://www.onjava.com/pub/a/onjava/2002/04/17/wblogosj2ee.html
>
> Thanks! I love this paragraph...
>
>
> "While JSP pages work well for the Roller editor pages, which
> rarely change,
> JSP does not work so well for the user pages. Weblog authors are not
> programmers, and they cannot be required to learn JSP and Java programming
> just to customize their weblog and associated Web pages. Furthermore,
> allowing Roller users to add new JSP pages, and thus new Java code, to the
> Roller application at runtime is a security risk."
>
> This is going up on our site :)
>
> --
> Geir Magnusson Jr.
> geirm@optonline.net
> System and Software Consulting
> "Whoever would overthrow the liberty of a nation must begin by
> subduing the
> freeness of speech." - Benjamin Franklin
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: They used Velocity (www.onjava.com)
Posted by "Geir Magnusson Jr." <ge...@optonline.net>.
On 4/20/02 4:14 PM, "Paulo Gaspar" <pa...@krankikom.de> wrote:
> http://www.onjava.com/pub/a/onjava/2002/04/17/wblogosj2ee.html
Thanks! I love this paragraph...
"While JSP pages work well for the Roller editor pages, which rarely change,
JSP does not work so well for the user pages. Weblog authors are not
programmers, and they cannot be required to learn JSP and Java programming
just to customize their weblog and associated Web pages. Furthermore,
allowing Roller users to add new JSP pages, and thus new Java code, to the
Roller application at runtime is a security risk."
This is going up on our site :)
--
Geir Magnusson Jr. geirm@optonline.net
System and Software Consulting
"Whoever would overthrow the liberty of a nation must begin by subduing the
freeness of speech." - Benjamin Franklin
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>