[Zope] Custom unauthorized message
Chris Withers
chrisw@nipltd.com
Tue, 17 Apr 2001 23:42:21 +0100
> Isn't the traceback a html comment by default? Dont think I changed that.
Only if you're running in production mode...
<rant type="boring" age="old" frequency="often">
In either case, it's incorrect HTML and a security risk.
The traceback should only be displayed if you choose to display it in your
standard_error_message with something like:
<dtml-var error_tb>
...not just tacked on the end of the generated page, after the </HTML>!
</rant>
*grinz*
Chris