[Zope] Custom unauthorized message

Chris Withers chrisw@nipltd.com
Tue, 17 Apr 2001 23:42:21 +0100


> Isn't the traceback a html comment by default? Dont think I changed that.

Only if you're running in production mode...

<rant type="boring" age="old" frequency="often">
In either case, it's incorrect HTML and a security risk.
The traceback should only be displayed if you choose to display it in your
standard_error_message with something like:

<dtml-var error_tb>

...not just tacked on the end of the generated page, after the </HTML>!

</rant>

*grinz*

Chris