Skip to main content
Join the official 2019 Python Developers SurveyStart the survey!

The Plone Content Management System (core)

Project description

About Plone

Plone is a user friendly Content Management System running on top of Python, Zope and the CMF.

It benefits from all features of Zope/CMF such as: RDBMS integration, Python extensions, Object Oriented Database, Web configurable workflow, pluggable membership and authentication, Undos, Form validation, amongst many many other features. Available protocols: FTP, XMLRPC, HTTP and WEBDAV Turn it into a distributed application system by installing ZEO.

Plone shares some of the qualities of Livelink, Interwoven and Documentum. It aims to be the open source out-of-the-box publishing system.

Installing Plone

Plone is available on Microsoft Windows, Linux, OSX and BSD platforms.

Install Plone by downloading an installer from

What is Plone?

Plone is a ready-to-run content management system that is built on the powerful and free Zope application server. Plone is easy to set up, extremely flexible, and provides you with a system for managing web content that is ideal for project groups, communities, web sites, extranets and intranets.

  • Plone is easy to install. You can install Plone with a a click and run installer, and have a content management system running on your computer in just a few minutes.
  • Plone is easy to use. The Plone Team includes usability experts who have made Plone easy and attractive for content managers to add, update, and maintain content.
  • Plone is international. The Plone interface has more than 35 translations, and tools exist for managing multilingual content.
  • Plone is standard. Plone carefully follows standards for usability and accessibility. Plone pages are compliant with US Section 508, and the W3C’s AAA rating for accessibility.
  • Plone is Open Source. Plone is licensed under the GNU General Public License, the same license used by Linux. This gives you the right to use Plone without a license fee, and to improve upon the product.
  • Plone is supported. There are over three hundred developers in the Plone Development Team around the world, and a multitude of companies that specialize in Plone development and support.
  • Plone is extensible. There is a multitude of add-on products for Plone to add new features and content types. In addition, Plone can be scripted using web standard solutions and Open Source languages.
  • Plone is technology neutral. Plone can interoperate with most relational database systems, open source and commercial, and runs on a vast array of platforms, including Linux, Windows, Mac OS X, Solaris and BSD.

Technical overview

Plone is a content management framework that works hand-in-hand and sits on top of Zope, a widely-used Open Source web application server and development system. To use Plone, you don’t need to learn anything about Zope; to develop new Plone content types, a small amount of Zope knowledge is helpful, and it is covered in the documentation.

Zope itself is written in Python, an easy-to-learn, widely-used and supported Open Source programming language. Python can be used to add new features to Plone, and used to understand or make changes to the way that Zope and Plone work.

By default, Plone stores its contents in Zope’s built in transactional object database, the ZODB. There are products and techniques, however, to share information with other sources, such as relational databases, LDAP, filesystem files, etc.

Plone runs on Windows, Linux, BSD, Mac OS X, and many other platforms; double-click installers are available for Windows and Mac OS X, and RPM packages are available for Linux. For full information, see the product page.


4.3.3 (2014-02-19)

  • Change default permission for sendto_form to Authenticated instead of Anonymous [vangheem]
  • merge hotfixes from [vangheem]
  • handle RichTextValue objects in syndication. Should fix syndication with [vangheem]
  • FolderFeed adapter now takes into account the limit property when displaying the RSS feed just like the other adapters do [ichim-david]
  • Fix handling of URL fragments in form_tabbing.js. [davisagli]
  • Password reset emails will now be sent from the navigation root instead the portal, enabling support for multilingual sites and other subsites to keep the correct language, title, menus and designs. [regebro]
  • Fix issue where a user could delete unintended object through acquisition magic. See [gotcha]
  • Added a method toLocalizedSize to @@plone view, on the model of toLocalizedTime, to get a localized string rendering a size from an integer. Use it on image view. [thomasdesvenain]
  • Remove plone_deprecated/ to avoid sitemap traceback because we don’t have a @@sitemap_view view anymore when you enable back the plone_deprecated skin layer. [vincentfretin]
  • Inline validation JavaScript for z3c.form only sends request when field name can be obtained from DOM for a widget (#13741). [seanupton]
  • Fix problem generating feeds including Dexterity items with no primary field. [bloodbare]
  • recently_modified and recently_published respects allow anonymous to view about setting [vangheem]
  • Return a 404 instead of “AttributeError: (dynamic view)” if a user attempts to view a still-temporary PortalFactory item. [esteele]
  • Ensure that initial_login is set to True when a user first logs in. [taito]
  • No longer set news, events and member folder to be unordered [vangheem]
  • Fix calendar ajax next and prev buttons [vangheem]
  • Ensure object_rename script has _ message factory available to prevent error when unauthorized. [davidjb]
  • Fix issue with the search js in sharing page where the user needed to check twice a checkbox to assign a role after a search. [vincentfretin]
  • Catch missing userid on mail_password form, and treat is as an empty userid. That way the user gets a helpful message. [do3cc]

4.3.2 (2013-08-14)

  • fix wrong download url for podcast syndication [Rudd-O]

  • Applied security fixes from PloneHotfix20130618:

    • Protected methods on the ZCatalog.
    • Added missing module security declarations.
    • Sanitize url in isURLInPortal.
    • Check ‘Set own password’ permission in mailPassword.
    • Prevent the Zope request from being traversed.
    • Protected sendto method.
    • Sanitize input to spamProtect script.


  • Get portal_discussion properly with getToolByName. [maurits]

  • Fix dependency ordering problem with plone-final import step. [davisagli]

  • remove bbb-kss.css from css registry registration [vangheem]

  • Stop unload-protection from popping up needlessly if tinyMCE is used on tabbed forms [href]

4.3.1 (2013-05-30)

  • Some text/* mime types should be Files, not Documents. [rpatterson]
  • Remove reference to unimplemented ‘make_private’ transition in simple_publication_workflow. [danjacka]
  • Fail nicely when pasting a deleted item ( [khink]
  • Add a ‘max_tabs’ option to form-tabbing.js to allow changes to the number of tabs displayed before the script uses a dropdown instead. [esteele]
  • register search_rss only for site root [vangheem]
  • jquery-integration.js gets disabled during the upgrade to Plone 4.3. Make sure we do so for new sites as well. [esteele]
  • Fix commas in kss-bbb.js since IE7/8 is sensative [vangheem]
  • Reenable forgotten tests [kiorky]
  • Fail nicely when userid is not provided to mail_password script. [esteele]
  • Do not display text file content if it is empty. [thomasdesvenain]
  • Add distinct classes for live search links. Add id for image details. [cedricmessiant]
  • update registerPloneFunction call in login.js (depreacted) [toutpt]

4.3 (2013-04-06)

  • Fix attribute values in selector expressions of mark_special_links.js. [mathias.leimgruber]
  • Add indexer for location so metadata is included in catalog [vangheem]
  • Fix rss 2.0 not providing actual link [vangheem]
  • Prevent js inline validation call to /at_validate_field for .blurrable inputs that do not have AT field data validation attributes. This avoids cluttering the error logs with useless at_validate_field errors for fields that just happen to have .blurrable class. [mcmahon]
  • Test for #7627 (

4.3rc1 (released)

  • add overlay for folder default page folder factories link [vangheem]
  • add sitemap.xml.gz to robots.txt fixes [vangheem]
  • update add site, overview and upgrade templates to use absolute urls to reference css and image resources so it works with virtual hosted sites to sub-folders fixes #11153 [vangheem]
  • Allow the Content-Type header to be set in [esteele]
  • Extract RegistrationTool’s sending of registration emails so that it can be more easily overridden. [esteele]
  • bump profile version [vangheem]
  • Add event to fix products installed with latest keyword activated by default. Event finds new products installed with the latest keyword and updates them to the last profile version. [eleddy]
  • Add event to trigger when a reordering is happening. Without this collective.solr and maybe other alternative indexes are kind of lost. Backport from 4.2.x [do3cc]
  • Robot Framework based acceptance tests added. [timo]
  • Remove comment form overlay which was only used for the old reply form. [timo]

4.3b2 (2013-01-17)

  • removing plone_ecmascript/ since its not working and since its not being ran by out test suite. [garbas]
  • Call searchUsers with the ‘name’ argument instead of ‘login’. ‘name’ is the officially supported way according to the PAS interface. [maurits]

4.3b1 (2012-01-02)

  • Changes to dependencies when creating a new site (plone-final) to fix #11997. [keul]
  • Generate valid atom feeds [lentinj]
  • Fix quoted atom.xml feed syndication content type to “html”. [elro]
  • Add various security fixes based on PloneHotfix20121106. [davisagli]
  • Fix RegistrationTool testPasswordValidity method. See [vipod]
  • Fix form_tabbing.js so it stays on the same fieldset when an Archetypes edit form is submitted and returns to itself. [davisagli]
  • Use the ‘OFS.ObjectManager.bad_id’ pattern in ‘PloneTool.BAD_CHARS’. This allows names containing ‘@’ to pass ‘check_id’. [elro]
  • Pass minute_step to date_components_support_view.result(). See [gbastien]
  • Improve error handling on paste action. If it is a real error, the error gets shown and logged. [do3cc]
  • Fix sitemap rendering. No longer uses from the plone_deprecated skin, but a browser view template with much simplified logic. [danjacka]
  • Revealed hidden features for sorting folders (#11317). [keul]
  • Don’t swallow exceptins on object_paste and folder_paste (#9365). [gaudenz]

4.3a2 (2012-10-18)

  • Use prefixed ids for popup overlays [maartenkling]
  • Fix compatible hide fieldset legend for IE6/7/8 in form_tabbing.js [maartenkling]
  • Add an animated indicator of AJAX loading via Javascript. It is now called #ajax-spinner and is no longer added in main_template. [davisagli]
  • Remove Plone’s dependency on KSS. is now an optional add-on. Functionality that used to be provided using KSS has been reimplemented. [esteele, vangheem, cah190, davisagli]
  • Do not block right-side portlets in Members folder on site creation. This fixes [polyester]
  • Fix prefs_install_product_readme so files with non-ascii characters are rendered. This fixes [ericof]
  • Fix StringIO module security so it can still be imported from restricted code in Zope 2.13.17+. [davisagli]
  • Filter out non existing types in getUserFriendlyTypes. This avoids an error on the search form when a no longer existing portal_type is still in the catalog. [maurits]
  • Declare Plone’s dependency on Pillow. [davisagli]
  • Merge syndication plip 12908 [vangheem]
  • Add body class depth registry field [vangheem]
  • Check if an item is locked before attempting to delete. Refs #11188 [eleddy]
  • We can safely move the MAX_TITLE to 50 and even move up MAX_DESCRIPTION 150 refs #11321 [maartenkling]
  • Remove inline styles, they do nothing, add class so someone can style it when they like refs #12438 [maartenkling]
  • Show forget password when entering wrong credentials refs #12463 [maartenkling]
  • Remove h3 to make consistent html refs #11344 [maartenkling]
  • Fix ‘Add New’ on Users/Groups Overviews shows overlay when clicking anywhere in form #12201 [maartenkling]
  • Fix events_listing #12477 [maartenkling]
  • Fix form_tabbing, to stay on current tab on submitting form [maartenkling]

4.3a1 (2012-08-31)

  • Hide ‘plone.resource’ and ‘collective.z3cform.datetimewidget’ from the site factory screen. These are only useful as dependencies of other packages. [optilude]
  • Define a ZCML feature called plone-43 in addition to the existing ones. [thet]
  • Deprecated getSiteEncoding and changed occurences to hardcoded utf-8 [tom_gross]
  • zope.globalrequest is a required dependency on tests. [hvelarde]
  • Make sure the ResourceRegistries registry setting is created for new sites. [davisagli]
  • Searches ignore accents. PLIP [thomasdesvenain]
  • IE critical fix on toggle select and form submit helpers. [thomasdesvenain]
  • Fixed javascript injections on jquery.highlightsearchterms.js [gborelli]
  • Tweak rules for sortable_title. So far we took the first 70 chars and zero-padded numbers to six digits. Now we zero-pad to four digits and take the first 30 and the last 10 characters, thus saving space while still distinguishing long titles which only differ at the end, like imported file or image names. [hannosch]
  • PEP 8 (ignoring W602, E203, E241, E301, E501 and E701). [pbdiode, hvelarde]
  • Add ‘displayPublicationDateInByline’ to site properties property sheet in order to finish PLIP #8699: Display publication date in author byline. [vipod]
  • Deprecated aliases were replaced on tests. [hvelarde]
  • Don’t register the plone_deprecated skin layer. These items are no longer supported as part of Plone and remain here temporarily as a convenience to those who may need to move them into their own packages. [davisagli]
  • Ensure multiple tabbed forms on the same page work when number of tabs is greater than threshold. [davidjb]
  • Remove deprecated jq reference from form tabbing JavaScript. [davidjb]
  • Remove incorrect line of form tabbing JavaScript which broke forms with more than 6 tabs. Fixes [davidjb]
  • accessibility improvements for screen readers regarding “more” links, see [rmattb, applied by polyester]
  • Fix an outdated “Send this” form handler property reference. [rossp]
  • removed search_form-template form plone_deprecated-skin. Use collective.searchform if you need this functionality. [tom_gross]
  • Use plone.batching for all batches (PLIP #12235) [tom_gross]
  • Re-apply PLIP 10901 to table_sort.js, fixing a bug with reversing sort on the first column. [mj]
  • support a PAS plugin for validating passwords PLIP [djay75]
  • Make redirection_view/attempt_redirect fall back to nothing in default_error_message template. If gets a URL with special characters, OOBTree.get raises a UnicodeDecodeError and the template fails. This fixes
  • Channel link in RSS feed now points to the un-syndicated content for the RSS feed, instead of the portal root. [patch by pydanny, applied by kleist]
  • Removed unused “localTimeFormat”, “localLongTimeFormat”, and “localTimeOnlyFormat” from “/portal_properties/site_properties”. Fixes [kleist]
  •,,,, Don’t use list as default parameter value. [kleist]
  • Use configuration registry to override translation of date format, or fall back to ISO style as last resort. Fixes [kleist]

Project details

Release history Release notifications

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for Products.CMFPlone, version 4.3.3
Filename, size File type Python version Upload date Hashes
Filename, size (1.5 MB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page