Log message #111747

# At Username Text
# Aug 8th 2008, 13:12 AD7six teknoid: purely out of interest did you recently change the email you use on the google group
# Aug 8th 2008, 13:10 lqdice__ this security component is too secure.. there is no easy to way to debug it
# Aug 8th 2008, 13:08 lqdice__ just saved me a few lines of code
# Aug 8th 2008, 13:08 lqdice__ )
# Aug 8th 2008, 13:08 lqdice__ oh ok
# Aug 8th 2008, 13:07 TommyO lqdice__: startup() in a component will only run if component is enabled
# Aug 8th 2008, 13:07 lqdice__ oh the component class lets you disable them? cause I didnt see anything in the actual security class
# Aug 8th 2008, 13:07 TommyO lqdice__: check the Component class
# Aug 8th 2008, 13:07 TommyO lqdice__: $this->Security->enabled = false; in beforeFilter() or something like that
# Aug 8th 2008, 13:05 lqdice__ thats the only way i see right now
# Aug 8th 2008, 13:05 lqdice__ i might just have to make it so i can force the security component not to load for some actions
# Aug 8th 2008, 13:05 lqdice__ yeah doesnt recognize it
# Aug 8th 2008, 13:04 lqdice__ swfupload afaik just does a regular post to that url so it may not detect it as ajax
# Aug 8th 2008, 13:03 lqdice__ the security component kicks in and says my request is bad
# Aug 8th 2008, 13:03 lqdice__ its not working
# Aug 8th 2008, 13:01 TommyO it doesn't force ajax, it recognizes it
# Aug 8th 2008, 13:01 TommyO I think that you're prematurely optimizing
# Aug 8th 2008, 13:01 lqdice__ just 1 action
# Aug 8th 2008, 13:01 lqdice__ TommyO: i dont want it to load w/ every action
# Aug 8th 2008, 13:00 TommyO lqdice__: why? add it to the controller's $components array
# Aug 8th 2008, 13:00 lqdice__ TommyO: i dont know if swfupload really sends it as "ajax" per-se.. its posting to it .. ill try it htough
# Aug 8th 2008, 13:00 lqdice__ can it be loaded dynamically like this: App::import('Component', 'RequestHandling'); ?
# Aug 8th 2008, 12:59 TommyO lqdice__: read up on it. it's an integral part of cake's ajax support
# Aug 8th 2008, 12:59 lqdice__ will it then not mess w/ the security ?
# Aug 8th 2008, 12:59 TommyO it allows cake to recognize Ajax requests. does some magic for you. and I believe it protects the session too
# Aug 8th 2008, 12:58 TommyO err...RequestHandler I mean
# Aug 8th 2008, 12:58 lqdice__ whats that
# Aug 8th 2008, 12:57 lqdice__ no
# Aug 8th 2008, 12:57 TommyO lqdice__: does the controller that has /upload have the RequestActionComponent loaded?
# Aug 8th 2008, 12:54 lqdice__ well my /upload form gets blackholed because its being called in a weird way from flash so that unsets the token key
# Aug 8th 2008, 12:52 lqdice__ teknoid: basically security populates a session['token']['key'] everytime a user goes to a form.. then when a form is submitted.. it will remove it from the session and check it against the data that the user submitted... but because swfupload calls from /add to /upload through ajax, then submits /add.. by the time the last action is executed, the token is no longer there
# Aug 8th 2008, 12:51 teknoid lqdice__: why would it remove something from your session? do the sessions match?
# Aug 8th 2008, 12:50 lqdice__ so it doesnt unset the session token
# Aug 8th 2008, 12:50 lqdice__ i basically need /upload not to use security
# Aug 8th 2008, 12:49 lqdice__ swfupload sends the file to /upload .. i got /upload to load the session etc.. fine but then the security component removes the token key from my session.. then swfupload submits my form and the page that it submits to is expecting the token key which upload disabled
# Aug 8th 2008, 12:48 teknoid lqdice__: no, what exactly happens?
# Aug 8th 2008, 12:48 lqdice__ using swfupload and its not playing nice
# Aug 8th 2008, 12:47 lqdice__ teknoid: you know any way to complete disable the security component from a certain action?
# Aug 8th 2008, 12:42 polerin though I think that cake really needs to look at making them bianary, rather than char's
# Aug 8th 2008, 12:42 teknoid np
# Aug 8th 2008, 12:42 polerin UUID's are win