[Zope3-dev] Re: [Zope3-checkins] SVN:
Zope3/trunk/src/zope/security/ When you get an Unauthorized
error, now you can see the object in addition to
Marius Gedminas
mgedmin at b4net.lt
Wed Feb 23 05:36:55 EST 2005
On Wed, Feb 23, 2005 at 08:08:39AM +0000, Chris Withers wrote:
> Marius Gedminas wrote:
>
> >Log message for revision 29253:
> > When you get an Unauthorized error, now you can see the object in
> > addition to
> > the attribute and permission names in the traceback.
> >
> > Should a minor change like this be mentioned in doc/CHANGES.txt?
>
> I do hope this is just a debug option?
>
> On a production site, an unauthorized shouldn't show ANY of the
> information you list above...
The standard Unauthorized exception view does not show any information.
You will see this information, if
- You have a functional test with handle_errors=False (my primary use
case)
or
- You change the configuration of the error reporting utility, because
it ignores Unauthorized exceptions by default. This requires manager
access to the Zope instance, I believe.
I also tried to see whether the debug skin would show me anything.
/++skin++Debug/@@contents.html always gives me a Not Found error, while
/++debug++errors/@@contents.html shows me the standard informationless
Unauthorized error message in the basic skin.
Marius Gedminas
--
I am right now in the process of reading the Xft source code (the suspense near
the end of Chapter 7 is unbearable) [...]
-- Juliusz Chroboczek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mail.zope.org/pipermail/zope3-dev/attachments/20050223/35ff1b37/attachment.bin
More information about the Zope3-dev
mailing list