Commit bae502cb authored by Hanno Schlichting's avatar Hanno Schlichting

Handle Unauthorized exceptions in xmlrpc correctly - backport from trunk

parent 6136da39
......@@ -11,6 +11,8 @@ http://docs.zope.org/zope2/releases/.
Bugs Fixed
++++++++++
- Handle Unauthorized exceptions in xmlrpc correctly.
- Five's processInputs() would stomp on :list or :tuple values that contained
ints or other non-strings, would clear out :records entirely, and would not
do anything for :record fields.
......
......@@ -148,16 +148,15 @@ class Response:
absuri_match=None, tag_search=None):
# Fetch our exception info. t is type, v is value and tb is the
# traceback object.
if type(info) is type(()) and len(info)==3: t,v,tb = info
else: t,v,tb = sys.exc_info()
if isinstance(info, tuple) and len(info) == 3:
t, v, tb = info
else:
t, v, tb = sys.exc_info()
# Don't mask 404 respnses, as some XML-RPC libraries rely on the HTTP
# mechanisms for detecting when authentication is required. Fixes Zope
# Collector issue 525.
if t == 'Unauthorized' or (
isinstance(t, types.ClassType) and issubclass(t, Unauthorized)
):
if issubclass(t, Unauthorized):
return self._real.exception(fatal=fatal, info=info)
# Create an appropriate Fault object. Containing error information
......@@ -175,7 +174,6 @@ class Response:
value = '\n' + ''.join(format_exception(t, vstr, tb))
else:
value = '%s - %s' % (t, vstr)
if isinstance(v, Fault):
f=v
elif isinstance(v, Exception):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment