[Zope-dev] acessing raw header information?
holger krekel
pyth@devel.trillke.net
Sat, 2 Nov 2002 16:18:41 +0100
Dirk Datzert wrote:
> Hello Holger,
>
> > > Which javscript bug can affected by Authorization ?
> >
> > If you e.g. do in javascript:
> >
> > p = new HttpRequest();
> > p.open("POST", url);
> > p.send(somestring, true);
> >
> > and the POST-url requires HTTP-Authentication from the Zope-side
> > then Mozilla fails to resend a correct POST-request with authorization.
> > In fact, mozilla doesn't send the body of the POST-request anymore.
> > It doesn't matter if you have already been authenticated (through the
> > browser-login-window) before or during that interaction.
> >
>
> Why you do not change the workflow ? first authentication, then show the
> form or javascript page, and sent HttpRequest if user is authenticated ?
It doesn't matter if you authenticated after the first POST-request
or at the time when you received the html-page containing the script.
See here for a more detailed description (also involving Zope):
http://bugzilla.mozilla.org/show_bug.cgi?id=176051
I am convinced that this problem has nothing to do with Zope.
But i need the 'Authorization' header info within the Zope-App
to circumvent this bug.
So my question remains: Isn't it possible to get to the raw header
information of a request from a PythonScript or PageTemplate?
regards,
holger