[CMF-checkins] CVS: CMF - CookieCrumbler.py:1.6

tseaver@digicool.com tseaver@digicool.com
Mon, 21 May 2001 16:49:12 -0400 (EDT)


Update of /cvs-repository/CMF/CMFCore
In directory korak.digicool.com:/tmp/cvs-serv3688

Modified Files:
	CookieCrumbler.py 
Log Message:


 - Suppress "eager redirect" behavior in CookieCrumbler for FTP or
   WebDAV (note that WebDAV fix only works for "extra" HTTP methods;
   GET/PUT/POST still redirect).



--- Updated File CookieCrumbler.py in package CMF --
--- CookieCrumbler.py	2001/04/12 19:10:44	1.5
+++ CookieCrumbler.py	2001/05/21 20:49:12	1.6
@@ -95,6 +95,8 @@
 from zLOG import LOG, ERROR
 import sys
 
+from ZPublisher.HTTPRequest import HTTPRequest
+
 # Constants.
 ATTEMPT_NONE = 0
 ATTEMPT_LOGIN = 1
@@ -164,6 +166,15 @@
     security.declarePrivate('modifyRequest')
     def modifyRequest(self, req, resp):
         # Returns flags indicating what the user is trying to do.
+
+        if req.__class__ is not HTTPRequest:
+            req[ 'disable_cookie_login__' ] = 1
+            return ATTEMPT_NONE
+
+        if not req[ 'REQUEST_METHOD' ] in ( 'GET', 'PUT', 'POST' ):
+            req[ 'disable_cookie_login__' ] = 1
+            return ATTEMPT_NONE
+
         if not req._auth:
             if (req.has_key(self.pw_cookie) and
                 req.has_key(self.name_cookie)):