Dirk Datzert wrote:
Hello Holger,
Which javscript bug can affected by Authorization ?
If you e.g. do in javascript:
p = new HttpRequest(); p.open("POST", url); p.send(somestring, true);
and the POST-url requires HTTP-Authentication from the Zope-side then Mozilla fails to resend a correct POST-request with authorization. In fact, mozilla doesn't send the body of the POST-request anymore. It doesn't matter if you have already been authenticated (through the browser-login-window) before or during that interaction.
Why you do not change the workflow ? first authentication, then show the form or javascript page, and sent HttpRequest if user is authenticated ?
It doesn't matter if you authenticated after the first POST-request or at the time when you received the html-page containing the script. See here for a more detailed description (also involving Zope): http://bugzilla.mozilla.org/show_bug.cgi?id=176051 I am convinced that this problem has nothing to do with Zope. But i need the 'Authorization' header info within the Zope-App to circumvent this bug. So my question remains: Isn't it possible to get to the raw header information of a request from a PythonScript or PageTemplate? regards, holger