On 4/20/10 15:17 , yuppie wrote: > Hi! > > > Wichert Akkerman wrote: >> Unauthorised is doing stupid things here: >> >> (Pdb) p v >> Unauthorized() >> (Pdb) p unicode(v) >> u'' >> (Pdb) p str(v) >> *** UnicodeEncodeError: UnicodeEncodeError('ascii', >> u'<!DOCTYPE html...', 1175, 1176, 'ordinal not in range(128)') >> >> I added an extra change (see diff below) to fix that, after which things >> seemed to work. > > Great!
Can you commit that change along with your other changes? >> Still, I can not see any good reason to reraise >> Unauthorised exceptions if there is a valid exception view for them. >> This approach feels like we are attacking the symptom instead of fixing >> the problem. > > Zope 2.12.4 was definitely broken: > > 401 Unauthorized responses "MUST include a WWW-Authenticate header > field", see > http://tools.ietf.org/html/rfc2616#section-10.4.2 Hm, fair point. > Re-raising the exceptions makes sure the post-processing in > HTTPResponse.exception is called. That is also expected by > CookieCrumbler and PAS. The authentication dance between the publisher, request, PAS and CookieCrumbler really is a bit contrived :( > A better fix would be to store the rendered exception value in the > response object instead of the exception object. That way we could > re-raise *all* exceptions as it was done in older Zope versions. > > But this would have been a bigger refactoring with more risks to break > something else. Perhaps something for 2.13 :) Wichert. _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )