MS WebFolder and Zope

Monday, 12 December 2005

The January 2005 update of Web Folders breaks Zope again. This time, WebFolders require a Public header in the response …

Fix: by adding the header in
  /lib/python/webdav/Resource.py
RESPONSE.setHeader('Public', ', '.join(self.__http_methods__)) #XXXMSXXX

CLIENT: OPTIONS / HTTP/1.1
SERVER:
200 OK
Public: PUT, GET, OPTIONS, PROPFIND ...
Allow: PUT, GET, OPTIONS, PROPFIND ...

Funny thing is the Public header is used by exploit kits to sniff out presence of IIS. It is that proprietary.

By the way, MS-Auth-Via header is not required to work with Web Folders. (At least with this version).

Update 09 December 2005: the above patch only works if Anonymous User has access to index_html method. Otherwise, MS WebDAV client will issue
OPTIONS /yourobject
whereby REQUEST.traverse will attempt to access /yourobject/index_html

[This content was migrated from http://teyc.editthispage.com]

The entry 'MS WebFolder and Zope' was posted on December 12th, 2005 at 9:00 am and last modified on December 9th, 2005 at 8:57 pm, and is filed under Python. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

« Encoded vs Literal
JavaSchools and skill sets »