Dirk Datzert wrote:
> Hello Holger,
> > > Which javscript bug can affected by Authorization ?
> > 
> > If you e.g. do in javascript:
> > 
> >     p = new HttpRequest();
> >     p.open("POST", url);
> >     p.send(somestring, true);
> > 
> > and the POST-url requires HTTP-Authentication from the Zope-side
> > then Mozilla fails to resend a correct POST-request with authorization.
> > In fact, mozilla doesn't send the body of the POST-request anymore.
> > It doesn't matter if you have already been authenticated (through the
> > browser-login-window) before or during that interaction.
> > 
> Why you do not change the workflow ? first authentication, then show the
> form or javascript page, and sent HttpRequest if user is authenticated ?

It doesn't matter if you authenticated after the first POST-request 
or at the time when you received the html-page containing the script.  

See here for a more detailed description (also involving Zope):


I am convinced that this problem has nothing to do with Zope. 
But i need the 'Authorization' header info within the Zope-App
to circumvent this bug. 

So my question remains: Isn't it possible to get to the raw header
information of a request from a PythonScript or PageTemplate?



Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to