[Zope-CVS] CVS: Products/CookieCrumbler - CHANGES.txt:1.12 CookieCrumbler.py:1.19 version.txt:1.8

Shane Hathaway shane@zope.com
Tue, 1 Jul 2003 12:42:56 -0400


Update of /cvs-repository/Products/CookieCrumbler
In directory cvs.zope.org:/tmp/cvs-serv31567

Modified Files:
	CHANGES.txt CookieCrumbler.py version.txt 
Log Message:
CookieCrumbler now lets you disable or modify the Cache-Control header
to work around MSIE's irrational handling of the Cache-Control header.
See MS knowledge base article #316431, currently found at:

http://support.microsoft.com/support/kb/articles/q316/4/31.asp

Thanks to Eric Brun for pointing this out.



=== Products/CookieCrumbler/CHANGES.txt 1.11 => 1.12 ===
--- Products/CookieCrumbler/CHANGES.txt:1.11	Thu Jun 26 10:48:23 2003
+++ Products/CookieCrumbler/CHANGES.txt	Tue Jul  1 12:42:25 2003
@@ -1,4 +1,11 @@
 
+Next release
+
+- CookieCrumbler now lets you disable or modify the Cache-Control
+  header to work around MSIE's irrational handling of the Cache-Control
+  header.  See MS knowledge base article #316431.
+
+
 Version 1.1
 
 - CookieCrumblers are now folders that hold login forms.  This makes


=== Products/CookieCrumbler/CookieCrumbler.py 1.18 => 1.19 ===
--- Products/CookieCrumbler/CookieCrumbler.py:1.18	Wed Jun 18 11:49:40 2003
+++ Products/CookieCrumbler/CookieCrumbler.py	Tue Jul  1 12:42:25 2003
@@ -75,6 +75,8 @@
                     'label':'Failed authorization page ID'},
                    {'id':'local_cookie_path', 'type': 'boolean', 'mode':'w',
                     'label':'Use cookie paths to limit scope'},
+                   {'id':'cache_header_value', 'type': 'string', 'mode':'w',
+                    'label':'Cache-Control header value'},
                    )
 
     auth_cookie = '__ac'
@@ -85,6 +87,7 @@
     unauth_page = ''
     logout_page = 'logged_out'
     local_cookie_path = 0
+    cache_header_value = 'no-cache'
 
     security.declarePrivate('delRequestVar')
     def delRequestVar(self, req, name):
@@ -209,10 +212,12 @@
             resp._unauthorized = self._unauthorized
         if attempt != ATTEMPT_NONE:
             # Trying to log in or resume a session
-            # we don't want caches to cache the resulting page
-            resp.setHeader('Cache-Control', 'no-cache')
-            # demystify this in the response.
-            resp.setHeader('X-Cache-Control-Hdr-Modified-By', 'CookieCrumbler')
+            if self.cache_header_value:
+                # we don't want caches to cache the resulting page
+                resp.setHeader('Cache-Control', self.cache_header_value)
+                # demystify this in the response.
+                resp.setHeader('X-Cache-Control-Hdr-Modified-By',
+                               'CookieCrumbler')
             phys_path = self.getPhysicalPath()
             if self.logout_page:
                 # Cookies are in use.


=== Products/CookieCrumbler/version.txt 1.7 => 1.8 ===
--- Products/CookieCrumbler/version.txt:1.7	Wed Jun 25 16:49:58 2003
+++ Products/CookieCrumbler/version.txt	Tue Jul  1 12:42:25 2003
@@ -1 +1 @@
-CookieCrumbler-1.1
+CookieCrumbler-1.1+