Commit 37fee9c1 authored by Hanno Schlichting's avatar Hanno Schlichting

Backport c123219 from trunk

parent 5ca0575f
......@@ -8,6 +8,8 @@ http://docs.zope.org/zope2/releases/.
2.13.11 (unreleased)
--------------------
- Make it possible to use WSGI without repoze.who.
- Fixed serious authentication vulnerability in stock configuration.
2.13.10 (2011-10-04)
......
......@@ -108,6 +108,9 @@ class WSGIResponse(HTTPResponse):
def _unauthorized(self):
self.setStatus(401)
realm = self.realm
if realm:
self.setHeader('WWW-Authenticate', 'basic realm="%s"' % realm, 1)
def write(self,data):
""" Add data to our output stream.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment