Brian Lloyd wrote:
I propose that there be a "WebDAV Access" permission (to be consistent w/the existing "FTP Access" permission) that protects PROPFIND. Instead of defaulting to "Manager" only (as proposed by Ivo), I propose that it default to "Manager, Anonymous" so that current behavior is preserved. In other words, I think it is better that sites continue to work exactly as before after the change (but that the manager can then go turn off anonymous DAV access), rather than have sites suddenly "stop working with WebDAV" until the manager goes and gives anonymous that permission.
Wow, if you could just stretch to adding an "HTTP Access" permission, you would haev completely covered: http://dev.zope.org/Wikis/DevSite/Proposals/ProtocolAccessibility cool :-) Chris