[Zope-Checkins] CVS: Zope/lib/python/ZServer -
HTTPResponse.py:1.43.8.5
Jens Vagelpohl
jens at dataflake.org
Sat Oct 1 09:18:49 EDT 2005
Update of /cvs-repository/Zope/lib/python/ZServer
In directory cvs.zope.org:/tmp/cvs-serv19060/lib/python/ZServer
Modified Files:
Tag: Zope-2_7-branch
HTTPResponse.py
Log Message:
- Collector #1863: Prevent possibly sensitive information to leak via
the TransientObject's __repr__ method.
=== Zope/lib/python/ZServer/HTTPResponse.py 1.43.8.4 => 1.43.8.5 ===
--- Zope/lib/python/ZServer/HTTPResponse.py:1.43.8.4 Sun Aug 29 19:38:43 2004
+++ Zope/lib/python/ZServer/HTTPResponse.py Sat Oct 1 09:18:19 2005
@@ -72,9 +72,11 @@
self.status == 200:
self.setStatus('nocontent')
- # add content length if not streaming
+ # add content length if not streaming or if the status is
+ # not 304, where it's not allowed (see RFC 2616)
if not headers.has_key('content-length') and \
- not self._streaming:
+ not self._streaming and \
+ self.status not in (304,):
self.setHeader('content-length',len(body))
More information about the Zope-Checkins
mailing list