[Zope-CVS] CVS: Products/CookieCrumbler - CHANGES.txt:1.7 CookieCrumbler.py:1.15 __init__.py:1.3 addCC.dtml:NONE logged_in.dtml:NONE logged_out.dtml:NONE login_form.dtml:NONE
Shane Hathaway
shane@zope.com
Fri, 6 Jun 2003 11:16:07 -0400
Update of /cvs-repository/Products/CookieCrumbler
In directory cvs.zope.org:/tmp/cvs-serv24607
Modified Files:
CHANGES.txt CookieCrumbler.py __init__.py
Removed Files:
addCC.dtml logged_in.dtml logged_out.dtml login_form.dtml
Log Message:
- Reformatted CookieCrumbler.py to match the version in CMFCore. This
will make it easier to keep the two copies in sync.
- Changed the meta_type to not conflict with the version in CMFCore.
- Cleaned up CHANGES.txt
=== Products/CookieCrumbler/CHANGES.txt 1.6 => 1.7 ===
--- Products/CookieCrumbler/CHANGES.txt:1.6 Thu Jul 25 09:57:55 2002
+++ Products/CookieCrumbler/CHANGES.txt Fri Jun 6 11:15:36 2003
@@ -1,9 +1,32 @@
-Version 0.5-CVS
+
+Next release
+
+- Reformatted CookieCrumbler.py to match the version in CMFCore. This
+ will make it easier to keep the two copies in sync.
+
+- Changed the meta_type to not conflict with the version in CMFCore.
- Fixed CookieCrumbler to emit "Basic" and not "basic" auth as per HTTP
spec (CMF Collector #14). This fixes some WebDAV locking problems with
(rightfully) picky clients, like ExternalEditor.
+- A "Cache-Control: no-cache" header is now sent along in responses
+ that employ cookie auth to avoid potential security issues with
+ public caches serving stored "authorized" pages.
+
+
+Version 0.5
+
+- Cookie crumblers were causing an authentication error on logout.
+ Corrected.
+
+- Cookie paths weren't being set correctly when local paths were turned
+ on. Actually, the enabling of local paths was reversed from what the
+ checkbox label implied, doubling the confusion.
+
+- Made sure inner cookie crumblers can override the logout form.
+
+
Version 0.4
- CookieCrumblers in nested folders are now possible. You can just drop
@@ -19,18 +42,3 @@
- Merged WebDAV source port fix from CMFCore
-Version 0.5
-
-- Cookie crumblers were causing an authentication error on logout. Corrected.
-
-- Cookie paths weren't being set correctly when local paths were turned
- on. Actually, the enabling of local paths was reversed from what the
- checkbox label implied, doubling the confusion.
-
-- Made sure inner cookie crumblers can override the logout form.
-
-Unreleased
-
-- A "Cache-Control: no-cache" header is now sent along in responses
- that employ cookie auth to avoid potential security issues with
- public caches serving stored "authorized" pages.
=== Products/CookieCrumbler/CookieCrumbler.py 1.14 => 1.15 ===
--- Products/CookieCrumbler/CookieCrumbler.py:1.14 Fri May 30 09:38:52 2003
+++ Products/CookieCrumbler/CookieCrumbler.py Fri Jun 6 11:15:36 2003
@@ -1,24 +1,22 @@
##############################################################################
#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
+# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
+# FOR A PARTICULAR PURPOSE
#
##############################################################################
-'''$Id$
-'''
+""" Cookie Crumbler: Enable cookies for non-cookie user folders.
+
+$Id$
+"""
-import sys
from base64 import encodestring, decodestring
from urllib import quote, unquote
-from os import path
-
from Acquisition import aq_inner, aq_parent
from DateTime import DateTime
from utils import SimpleItemWithProperties
@@ -27,9 +25,9 @@
import Globals
from Globals import HTMLFile
from zLOG import LOG, ERROR
-from App.Common import package_home
+import sys
+
from ZPublisher.HTTPRequest import HTTPRequest
-from OFS.DTMLMethod import addDTMLMethod
# Constants.
ATTEMPT_DISABLED = -1 # Disable cookie crumbler
@@ -39,8 +37,7 @@
ModifyCookieCrumblers = 'Modify Cookie Crumblers'
-
-class CookieCrumbler(SimpleItemWithProperties):
+class CookieCrumbler (SimpleItemWithProperties):
'''
Reads cookies during traversal and simulates the HTTP
authentication headers.
@@ -84,6 +81,8 @@
security.declarePrivate('delRequestVar')
def delRequestVar(self, req, name):
+ # No errors of any sort may propagate, and we don't care *what*
+ # they are, even to log them.
try: del req.other[name]
except: pass
try: del req.form[name]
@@ -177,8 +176,7 @@
# moving the cookie to _auth, but the inner CC
# should have the opportunity to override logout forms, etc.
return ATTEMPT_RESUME
- else:
- return ATTEMPT_NONE
+ return ATTEMPT_NONE
def __call__(self, container, req):
'''The __before_publishing_traverse__ hook.'''
@@ -218,6 +216,8 @@
def _cleanupResponse(self):
resp = self.REQUEST['RESPONSE']
+ # No errors of any sort may propagate, and we don't care *what*
+ # they are, even to log them.
try: del resp.unauthorized
except: pass
try: del resp._unauthorized
@@ -317,6 +317,9 @@
def __del__(self):
# Free the references.
+ #
+ # No errors of any sort may propagate, and we don't care *what*
+ # they are, even to log them.
try: del self.resp.unauthorized
except: pass
try: del self.resp._unauthorized
@@ -325,7 +328,7 @@
except: pass
-manage_addCCForm = HTMLFile('addCC', globals())
+manage_addCCForm = HTMLFile('dtml/addCC', globals())
manage_addCCForm.__name__ = 'addCC'
def manage_addCC(self, id, create_forms=0, REQUEST=None):
@@ -334,9 +337,11 @@
ob.id = id
self._setObject(id, ob)
if create_forms:
- here = package_home(globals())
+ import os
+ from OFS.DTMLMethod import addDTMLMethod
+ dtmldir = os.path.join(os.path.dirname(__file__), 'dtml')
for fn in ('login_form', 'logged_in', 'logged_out'):
- filename = path.join(here, fn + '.dtml')
+ filename = os.path.join(dtmldir, fn + '.dtml')
f = open(filename, 'rt')
try: data = f.read()
finally: f.close()
=== Products/CookieCrumbler/__init__.py 1.2 => 1.3 ===
--- Products/CookieCrumbler/__init__.py:1.2 Tue Jun 4 09:17:10 2002
+++ Products/CookieCrumbler/__init__.py Fri Jun 6 11:15:36 2003
@@ -14,6 +14,8 @@
import CookieCrumbler
+CookieCrumbler.CookieCrumbler.meta_type = 'Cookie Crumbler (Standalone)'
+
def initialize(context):
context.registerClass(
CookieCrumbler.CookieCrumbler,
=== Removed File Products/CookieCrumbler/addCC.dtml ===
=== Removed File Products/CookieCrumbler/logged_in.dtml ===
=== Removed File Products/CookieCrumbler/logged_out.dtml ===
=== Removed File Products/CookieCrumbler/login_form.dtml ===