On Mon, May 29, 2000 at 04:08:59PM +0200, Marcus Collins wrote:
> > This is very ugly imho. It schould be sufficient, if one includes the
> > traceback-variable into the standard-error where its appropriate.
> > In the current implementation it will break the HTML-standard with
> > code outside <HTML></HTML> and additionally makes it impossible to get
> > error-messages to picky browsers, such as WAP-devices.
> 
> I second this -- despite the traceback being sometimes crucial to debug
> errors, its inclusion after the closing HTML tag goes against the standard.
> Furthermore, the traceback *could* sometimes be considered to pose a
> security risk, since it exposes the names of methods in the call stack, some
> of which should not necessarily be callable through the web. Or am I just
> being paranoid?
> 
> > Is it ok if we remove these lines?
> 
> I think there should be a knob to turn it off... and not for the whole site,
> but for a subtree (perhaps even on a folder-by-folder basis). That way, the
> folks who develop and deploy on a single Zope server (does anyone do this?)
> can keep their tracebacks on sites under development, but get rid of them on
> live sites.

We should probably switch to error_tb in the default standard_error_message,
including detecting if Zope is running in debug mode and using <PRE></PRE> and
<!-- --> when appropriate. You can then redefine standard_error_message to
exclude the traceback completely if you want to, or only in certain parts of
the site.

Seeing object names in a traceback doesn't necessarily mean that a site
visitor has access to those objects, nor does completely not giving a
traceback protect those objects from being called diectly. Only properly
configured security settings on those objects themselves gives proper
security, and then it doesn't matter wether or not their names are publicly
visible.

> > Do I have to copy this message to the collector and wait for 
> > a couple of months or can we do it instantly? ;-)

Do you still experience the Collector as black hole? Could you report this to
Tres Savier, the person currently monitoring the COllector and cleaning it
out? Thanks!

In the meantime, please do report this there, this would be a useful change,
if only to let more people understand how to switch tracebacks off..

-- 
Martijn Pieters
| Software Engineer    mailto:[EMAIL PROTECTED]
| Digital Creations  http://www.digicool.com/
| Creators of Zope       http://www.zope.org/
|   The Open Source Web Application Server
---------------------------------------------

_______________________________________________
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to