Richard Barrett wrote:
<snip>
My note: the client "MAY preemptively ...", not MUST. <snip> the credentials if the server issues a 401 challenge. However, for reasons known only to Zope's authors, when the contents of the "manage_main" frame are requested without credentials, Zope responds with a 302 Redirect rather than demanding authorization with a 401 response. This explains why Zope's default index_html contains the following (erroneous) note: <snip> "NOTE: Some versions of Microsoft Internet Explorer, (specifically IE 5.01 and early versions of IE 5.5) may have problems displaying Zope management pages. If you cannot view the management pages, try upgrading your IE installation to the latest release version, or use a different browser." <snip>
Maybe it is time to patch Zope so that it is RFC standards conformant ??
This is probably the best summary I've read on this issue... cheers, Chris