28 Dec
2001
28 Dec
'01
5:14 a.m.
At the time, I hadn't received any feedback (however, I'm not blaming anyone). I also never posted this to the collector before. Should one of us post this?
It would be appreciated, Joseph.
Just to be safe ... You shouldn't use this entire patch unless your server is behind apache or a proxy server and best if protected by a firewall. It could open a potential security leak if you use the "domains" field for authentication and the zope server is not protected by apache.
Is the issue that the X-Forwarded-For header controls the domain setting? - C