[Grok-dev] five.grok ZopeTwoDirectoryResource and security

Sylvain Viollon sylvain at infrae.com
Mon Mar 23 04:57:01 EDT 2009

Le Fri, 20 Mar 2009 13:34:11 +0900,
Martin Aspeli <optilude+lists at gmail.com> a écrit :

> Hi again,


> Sorry for the flood of little issues...
> I am using an auto-registered 'static' directory in my package. This 
> works when I traverse to it via URL 
> (http://example.com/siteroot/++resource++my.package/foo.css).
> However, in Plone, the ResourceRegistries has some code that attempts
> to do an 'exists:' path expression on the resource to decide whether
> to include it when the CSS is cooked into a single stylesheet. This
> returns false.
> I found the cause though: If I try to do path-traverse to 
> portal/++resource++my.package/foo.css, I get an Unauthorized
> exception: "the container has no security assertions". "The
> container" here is the ZopeTwoDirectoryResource.
> This does not happen with a <browser:resourceDirectory /> registered
> in ZCML.

  Could you make a launchpad issue ? It will be the first one:


  I can look at it / and fix it (or you can do it if you want).

  Best regards,


Sylvain Viollon -- Infrae
t +31 10 243 7051 -- http://infrae.com
Hoevestraat 10 3033GC Rotterdam -- The Netherlands
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/grok-dev/attachments/20090323/80531c4f/attachment.bin 

More information about the Grok-dev mailing list