[Zope-CMF] A bit of a glitch with FTP PUT

Tres Seaver tseaver@digicool.com
Mon, 21 May 2001 08:02:37 -0400 (EDT) 

On Mon, 21 May 2001, seb bacon wrote:

> * Tres Seaver <tseaver@novacoxmail.com> [010521 13:03]:
> > > I've been struggling with the WebDAV, myself.  I mentioned
> > > last week that one problem is that CookieCrumbler does
> > > redirection when Unauthorized is raised, which breaks
> > > WebDAV.  FWIW, although it's not exactly a watertight
> > > solution, I've found the attached works with all the
> > > clients I've tested it on.  And I can't think of any other
> > > way round it, unfortunately.
> > 
> > The simpler workaround is to clear the "auto_login_page"
> > property of the CookieCrumbler;  this disables its "eager
> > redirect" behavior.  I do want a better solution;  one
> > possibility is to have the publisher hack some additional
> > state into the REQUEST if it arrives on the "WebDAV source
> > port".
> 
> Thing is, I *like* the eager redirect behaviour of the
> CookieCrumbler - linking to non-public documents is likely to
> be a common scenario, and this makes all the authentication a
> bit more pleasant. 
> 
> I'm not too keen on forcing people to use a non-standard port,
> either - wouldn't it confuse the majority of users?

The win is that we can "do the Right Thing" about rendering /
accepting requests on that port (show the "source view" of
documents, rather than the rendered view;  do special PUT
processing, etc.)   WebDAV *has* a "source only" query available,
but none of the clients use it;  the source port hack is our best
workaround for that.  Ethan has even put in a request to the ICANN
group for a standard port number for it.

> Although it's fairly nasty, the strategy of checking for DAV
> headers is already present in Zope, so would it be so bad to
> extend it to the CMF?

The problem is that WebDAV PUT/GET requests are indistinguishable
from "normal" HTTP PUT/GET.

> However, it's the least appealing solution to any problem I've ever
> seen, so maybe not ...;)
>  
> > Thanks for the feedback!  WebDAV and FTP fixes are probably the last
> > stuff on the radar for a 1.1;  I'm hoping to cut a beta by Friday.
> 
> Great!  I'm looking forward to it...

Tres.
-- 
===============================================================
Tres Seaver                                tseaver@digicool.com
Digital Creations     "Zope Dealers"       http://www.zope.org