Hi!
Wichert Akkerman wrote: > Unauthorised is doing stupid things here: > > (Pdb) p v > Unauthorized() > (Pdb) p unicode(v) > u'' > (Pdb) p str(v) > *** UnicodeEncodeError: UnicodeEncodeError('ascii', > u'<!DOCTYPE html...', 1175, 1176, 'ordinal not in range(128)') > > I added an extra change (see diff below) to fix that, after which things > seemed to work. Great! > Still, I can not see any good reason to reraise > Unauthorised exceptions if there is a valid exception view for them. > This approach feels like we are attacking the symptom instead of fixing > the problem. Zope 2.12.4 was definitely broken: 401 Unauthorized responses "MUST include a WWW-Authenticate header field", see http://tools.ietf.org/html/rfc2616#section-10.4.2 Re-raising the exceptions makes sure the post-processing in HTTPResponse.exception is called. That is also expected by CookieCrumbler and PAS. A better fix would be to store the rendered exception value in the response object instead of the exception object. That way we could re-raise *all* exceptions as it was done in older Zope versions. But this would have been a bigger refactoring with more risks to break something else. Cheers, Yuppie _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )