Log message for revision 123233: Backport c123219 from trunk Changed: U Zope/branches/2.13/doc/CHANGES.rst U Zope/branches/2.13/src/ZPublisher/WSGIPublisher.py
-=- Modified: Zope/branches/2.13/doc/CHANGES.rst =================================================================== --- Zope/branches/2.13/doc/CHANGES.rst 2011-11-01 17:55:15 UTC (rev 123232) +++ Zope/branches/2.13/doc/CHANGES.rst 2011-11-01 19:07:58 UTC (rev 123233) @@ -8,6 +8,8 @@ 2.13.11 (unreleased) -------------------- +- Make it possible to use WSGI without repoze.who. + - Fixed serious authentication vulnerability in stock configuration. 2.13.10 (2011-10-04) Modified: Zope/branches/2.13/src/ZPublisher/WSGIPublisher.py =================================================================== --- Zope/branches/2.13/src/ZPublisher/WSGIPublisher.py 2011-11-01 17:55:15 UTC (rev 123232) +++ Zope/branches/2.13/src/ZPublisher/WSGIPublisher.py 2011-11-01 19:07:58 UTC (rev 123233) @@ -108,6 +108,9 @@ def _unauthorized(self): self.setStatus(401) + realm = self.realm + if realm: + self.setHeader('WWW-Authenticate', 'basic realm="%s"' % realm, 1) def write(self,data): """ Add data to our output stream. _______________________________________________ Zope-Checkins maillist - Zope-Checkins@zope.org https://mail.zope.org/mailman/listinfo/zope-checkins