Oliver Bleutgen wrote at 2003-1-17 18:02 +0100:
> Dieter Maurer wrote:
> > You might use a "SiteAccess" access rule.
> Dieter, thanks for the suggestion. But I don't see how SiteAccess could
> help me here, maybe I'm missing something.
> Basically, what I want to do is to prevent zope from ever sending a
> unauthorized response to a clear text http request,
In your AccessRule, you can customize the
the "_unauthorized" method of the RESPONSE object.
The AccessRule must be implemented in an External Method
in order to be able to change "RESPONSE._unauthorized".
You can look at Cookie Crumbler. It uses a similar technique
to prevent an Unauthorized response and rather display its
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -