the response headers set in ZPublisher.HTTPResponse our not always RFC compliant. In case of exceptions you get: (round lines 670 in HTTPResponse.py)

if ev.find( '<html>') >= 0: ev = 'bobo exception' self.setHeader('bobo-exception-value', ev[:255])

If the content is a xml,wml,whtml,... page, this results in exception headers like:

Bobo-Exception-Value: <?xml version="1.0"?> <!DOCTYPE ...

while most browsers will not barf on this, we encountered numerous problems with wap-gateways refusing to swallow this.

Another question is whether it is wise to send things like
the file and line numbers where the exception took place to the client.
I can understand that it can be useful in debug mode, but I can't see a reason to do this in a production setup.

The simplest way of fixing this is to change the code to something like:

ev = 'bobo exception'
self.setHeader('bobo-exception-value', ev)

or to leave out these headers altogether.


Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to