making the headers compliant and removing the leading path would solve the problem, but would probably break the rpc-like mechanism you talk about anyway, no ?
no. :)
I would fix/remove this myself (<10 minutes of work) but I don't have CVS write access, and you/we first need to decide what is most appropriate:
Ok, for those interested, here's what I've done for 2.6.2 and 2.7 : - Any leading path info on the bobo-exception-file header is stripped - The bobo-exception-value now *always* says: "See the server error logs for details", to avoid inadvertantly exposing other things or producing arbitrarily chopped output that could confuse things like mobile device gateways. Brian Lloyd brian@zope.com V.P. Engineering 540.361.1716 Zope Corporation http://www.zope.com