On Mon, May 29, 2000 at 04:08:59PM +0200, Marcus Collins wrote:
This is very ugly imho. It should be sufficient if one includes the traceback variable in the standard error message where it's appropriate. In the current implementation it will break the HTML standard with code outside <HTML></HTML> and additionally makes it impossible to get error messages to picky browsers, such as WAP devices.
I second this -- despite the traceback being sometimes crucial to debug errors, its inclusion after the closing HTML tag goes against the standard. Furthermore, the traceback *could* sometimes be considered to pose a security risk, since it exposes the names of methods in the call stack, some of which should not necessarily be callable through the web. Or am I just being paranoid?
Is it ok if we remove these lines?
I think there should be a knob to turn it off... and not for the whole site, but for a subtree (perhaps even on a folder-by-folder basis). That way, the folks who develop and deploy on a single Zope server (does anyone do this?) can keep their tracebacks on sites under development, but get rid of them on live sites.
We should probably switch to error_tb in the default standard_error_message, including detecting if Zope is running in debug mode and using <PRE></PRE> and <!-- --> when appropriate. You can then redefine standard_error_message to exclude the traceback completely if you want to, or only in certain parts of the site. Seeing object names in a traceback doesn't necessarily mean that a site visitor has access to those objects, nor does completely not giving a traceback protect those objects from being called directly. Only properly configured security settings on those objects themselves give proper security, and then it doesn't matter whether or not their names are publicly visible.
Do I have to copy this message to the collector and wait for a couple of months or can we do it instantly? ;-)
Do you still experience the Collector as a black hole? Could you report this to Tres Seaver, the person currently monitoring the Collector and cleaning it out? Thanks! In the meantime, please do report this there; this would be a useful change, if only to let more people understand how to switch tracebacks off.

--
Martijn Pieters | Software Engineer
mailto:mj@digicool.com | Digital Creations http://www.digicool.com/ | Creators of Zope http://www.zope.org/ | The Open Source Web Application Server
---------------------------------------------
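The approach Martijn describes, a traceback that is only emitted in debug mode and then only inside the document envelope (in a <PRE> block or an HTML comment) rather than after </HTML>, is illustrated below in plain Python. This is an added example written for this thread, not Zope's own error_tb or standard_error_message code; the function names, the constructed traceback text and the well-formedness check are all assumptions made for the illustration. It also shows why the traceback must be HTML-escaped: a traceback that quotes request data can otherwise inject markup into the error page.

```python
import html
import traceback


def capture_traceback(exc):
    """Return the formatted traceback text for an exception object."""
    return "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))


def render_error_page(title, message, tb_text, debug_mode):
    """Render an error page whose traceback stays inside <html>...</html>.

    debug_mode=True  -> traceback shown, HTML-escaped, inside a <pre> block
    debug_mode=False -> traceback omitted entirely, so nothing about the call
                        stack reaches the client
    (Hypothetical helper; Zope's real mechanism is the standard_error_message
    DTML document with the error_tb variable.)
    """
    body = [
        "<html><head><title>{}</title></head><body>".format(html.escape(title)),
        "<h2>{}</h2>".format(html.escape(title)),
        "<p>{}</p>".format(html.escape(message)),
    ]
    if debug_mode:
        # html.escape neutralises any </pre>, <script> or <html> that the
        # traceback text may contain (e.g. when it quotes request data).
        body.append("<pre>{}</pre>".format(html.escape(tb_text)))
    body.append("</body></html>")
    return "\n".join(body)


def traceback_as_html_comment(tb_text):
    """Wrap a traceback in an HTML comment so it does not render but still parses.

    A literal '--' inside a comment is invalid HTML and '-->' would close the
    comment early, so the sequence is broken up first. The comment is still
    sent to the client, so this is a presentation choice, not a way to hide
    the traceback from a visitor who views the source.
    """
    safe = tb_text.replace("--", "- -")
    return "<!--\n{}\n-->".format(safe)


def page_is_well_formed_envelope(page):
    """Check that the document ends with </html>, that nothing follows it, and
    that exactly one <html>/</html> pair is present (the defect the thread
    complains about is content appended after the closing tag)."""
    text = page.rstrip().lower()
    return (
        text.endswith("</html>")
        and text.count("<html>") == 1
        and text.count("</html>") == 1
    )


def demo(debug_mode):
    """Trigger a constructed failure and render the resulting error page."""
    tb = ""
    try:
        {}["missing"]  # constructed failure, stands in for a failing request
    except KeyError as exc:
        tb = capture_traceback(exc)
    return render_error_page("Zope Error", "Sorry, an error occurred.", tb, debug_mode)


if __name__ == "__main__":
    print(demo(True))
    print(demo(False))
```

The debug-mode page keeps the stack trace for the developer while remaining valid HTML for strict clients; the production page carries no method names at all. As Martijn notes, the real protection for the objects named in a traceback is their own security settings, but not shipping the traceback removes free reconnaissance material all the same.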