CherryClass CommonMasks: mask: def redLabel(self, label): <b><font color=red py-eval="label"></font></b> CherryClass Root: mask: def index(self): <html><body> Hello, <py-eval="commonMasks.redLabel('world')"> </body></html>
That's fine, but this also means that if someone artificially types the URL http://localhost:8000/commonMasks/redLabel?label=IHateCherryPy, they will get the result of the redLabel mask.
In this case, it's not a very big deal because the redLabel mask doesn't do anything important, but in some cases this might be a problem. That's why hidden masks and views were included in CherryPy-0.8.
CherryClass CommonMasks: mask: def redLabel(self, label) hidden: <b><font color=red py-eval="label"></font></b> CherryClass Root: mask: def index(self): <html><body> Hello, <py-eval="commonMasks.redLabel('world')"> </body></html>
All this means is that the redLabel mask can no longer be accessed directly from the browser. But it can be called from another mask or view.
It is also possible to declare that an entire CherryClass is hidden, like this:
CherryClass CommonMasks hidden: mask: def redLabel(self, label): <b><font color=red py-eval="label"></font></b> CherryClass Root: mask: def index(self): <html><body> Hello, <py-eval="commonMasks.redLabel('world')"> </body></html>
See About this document... for information on suggesting changes.