Brian Lloyd wrote:
> > If I used some other WebDAV client, could I then download
> > acl_users, and
> > if so, would this expose usernames/passwords?
> It would not expose passwords - I believe that what you are seeing
> is a sort of non-obvious but basically harmless thing. User folders
> (acl_users) do not have an index_html method (by design). When a
> DAV client tries to "download" acl_users, it is actually acquiring
> the closest index_html from above and downloading that :^) One
> could argue that this is lame and that attempting to GET
> .../acl_users/ should raise an error (404?). I'm interested in
> other viewpoints on this - if there is some consensus, a proposed
> change should be put in the Collector.

Thanx for an informative response!

Btw I tried WebDAV vs. and that site refused the connection
Is there some obvious setting that I can use to disable WebDAV, since I
don't need it (as far as I know;)

        regards /Jacob Lundqvist
Phone: +46-708-555 456

Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to