Hello, When do you plan to add the fix for "request must be post" at "Take Ownership" to a stable zope 2.10 release? It seems like this bug has been introduced with zope 2.10.2 or 2.10.3. An example of the bug can be found at http://zope.pastey.net/56726 It seems like you already submitted a fix to the svn trunk, see http://mail.zope.org/pipermail/zope-checkins/2007-March/032104.html But unfortunately this didn't went into a stable release yet. So my question is, do you plan to add this fix to the next zope2.10 stable release? greetings, jonas -- "In post-historical society, the rulers have ceased to rule, but the slaves remain slaves." - Perry Anderson
I may be missing something here, but the fact that you have to use POST is fully intentional and not a "bug". Stefan On 5. Jul 2007, at 11:27, Jonas Meurer wrote:
When do you plan to add the fix for "request must be post" at "Take Ownership" to a stable zope 2.10 release? It seems like this bug has been introduced with zope 2.10.2 or 2.10.3.
An example of the bug can be found at http://zope.pastey.net/56726
-- Anything that, in happening, causes something else to happen, causes something else to happen. --Douglas Adams
On 05/07/2007 Stefan H. Holek wrote:
I may be missing something here, but the fact that you have to use POST is fully intentional and not a "bug".
Yes, but it seems like this is not the case for the module AccessControl. It uses GET and therefore produces a bug. That's what the patch from http://mail.zope.org/pipermail/zope-checkins/2007-March/032104.html seems to fix. My only question is when this patch will be merged into a stable 2.10 release. greetings, jonas -- "In post-historical society, the rulers have ceased to rule, but the slaves remain slaves." - Perry Anderson
--On 5. Juli 2007 14:24:30 +0200 Jonas Meurer <jonas@freesources.org> wrote:
On 05/07/2007 Stefan H. Holek wrote:
I may be missing something here, but the fact that you have to use POST is fully intentional and not a "bug".
Yes, but it seems like this is not the case for the module AccessControl. It uses GET and therefore produces a bug. That's what the patch from http://mail.zope.org/pipermail/zope-checkins/2007-March/032104.html seems to fix. My only question is when this patch will be merged into a stable 2.10 release.
As far as I can see the patch has been applied to the Z.10 branch in a slight different form using a @postonly decorator. -aj
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jonas Meurer wrote:
Hello,
When do you plan to add the fix for "request must be post" at "Take Ownership" to a stable zope 2.10 release? It seems like this bug has been introduced with zope 2.10.2 or 2.10.3.
An example of the bug can be found at http://zope.pastey.net/56726
It seems like you already submitted a fix to the svn trunk, see http://mail.zope.org/pipermail/zope-checkins/2007-March/032104.html
But unfortunately this didn't went into a stable release yet.
So my question is, do you plan to add this fix to the next zope2.10 stable release?
The pastebin output above doesn't explain why you think Zope's behavior is a bug: it shows an attempt to call 'manage_takeOwnership' using a non-POST method, which is no longer allowed after the 'postonly' changes. Those changes landed for Zope 2.10.3: http://svn.zope.org/Zope/tags/2.10.3/lib/python/AccessControl/Owned.py Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGjQzN+gerLs4ltQ4RAuUMAKCtaeYH8wGlnEZldVqjy0SJBK5vFQCgwL8L tWsNSDUQuKqNF70Fm5Pk/j4= =9xm8 -----END PGP SIGNATURE-----
participants (4)
-
Andreas Jung -
Jonas Meurer -
Stefan H. Holek -
Tres Seaver