Ticket #564 (defect)
Opened 4 years ago
Last modified 3 years ago
httpauthfilter.py is not compatible with the static filter
Status: closed (fixed)
| Reported by: | cherrypy_spam@perceptiveautomation.com | Assigned to: | lawouach |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | CherryPy code | Keywords: | |
| Cc: |
httpauthfilter.py always sets cherrypy.request.execute_main to True inside before_main. This breaks static filters which, because of the ordering in which input filters are applied, will have already had its before_main called and might have set cherrypy.request.execute_main to False. This override of setting execute_main from False to True causes a 404 instead of the static page to be returned.
My proposed fix:
remove the execute_main = False line from on_start_resource() (line 93).
and change this:
def before_main(self): cherrypy.request.execute_main = True if not cherrypy.request.isAuthorized: cherrypy.response.status = '401 Unauthorized' cherrypy.request.object_path = self.unauthorizedPath
to:
def before_main(self): if not cherrypy.request.isAuthorized: cherrypy.request.execute_main = True cherrypy.response.status = '401 Unauthorized' cherrypy.request.object_path = self.unauthorizedPath
The reasoning is that we should not modify execute_main at all unless authorization fails, in which case we are modifying object_path to be unauthorizedPath and we will want main to be executed.
Matt Bendiksen
Change History
09/25/06 02:41:17: Modified by rajasuperman@gmail.com
09/27/06 04:00:20: Modified by lawouach
- status changed from new to closed.
- resolution set to fixed.
I was facing exactly the same problem: including httpauthfilter caused static files to return 404. I tested this fix on CP 2.2.1 can confirm that my problem is solved. I now have both httpauthfilter and the static filter working perfectly. Thanks Matt!
- Raja