IRC log of #zope for Wednesday, 2010-12-22

*** jim_SFU has quit IRC00:04
CIA-78achapman * r119039 /zc.monitorcache: - add zc.monitorcache00:19
CIA-78achapman * r119040 /zc.monitorcache/ (tags trunk branches): - project structure00:19
*** ccomb has joined #zope00:25
*** giampaolo__ has joined #zope00:28
CIA-78achapman * r119041 zc.monitorcache/ (11 files in 5 dirs): - Add files00:33
CIA-78achapman * r119042 zc.monitorcache/: - add more ignores00:33
*** allisterb has quit IRC00:59
*** J1m has quit IRC01:05
*** m8 has quit IRC01:05
*** Arfrever has quit IRC01:15
*** neo|4D has quit IRC01:17
CIA-78gotcha * r119043 gocept.selenium/CHANGES.txt: update changelog01:18
CIA-78gotcha * r119043 gocept.selenium/CHANGES.txt: update changelog01:40
*** mr_jolly has joined #zope01:48
*** menesis has left #zope01:59
*** mr_jolly has left #zope02:02
*** ccomb has quit IRC02:16
*** mr_jolly has joined #zope02:16
*** MrTango has quit IRC02:30
CIA-78ulif * r119044 /grok/branches/ulif-docs2sphinx: Create branch for complete docs update, including shift to newer sphinx (getting rid of grokdocs).02:31
*** mr_jolly has quit IRC02:36
*** alga has quit IRC02:42
*** giampaolo__ has quit IRC02:45
*** giampaolo_ has quit IRC02:45
*** supton_ has joined #zope02:45
*** supton has quit IRC02:45
*** supton_ is now known as supton02:45
CIA-78ulif ulif-docs2sphinx * r119045 grok/ Declare dependencies for doc building.02:46
CIA-78ulif ulif-docs2sphinx * r119046 grok/buildout.cfg:02:46
CIA-78Use Sphinx directly to build the docs, deploying02:46
*** supton has quit IRC02:50
*** astoon has quit IRC02:54
CIA-78ulif ulif-docs2sphinx * r119047 grok/grokdocs/src/grokdocs: Remove SVN external.03:02
CIA-78ulif ulif-docs2sphinx * r119048 grok/ (grokdocs buildout.cfg CHANGES.txt): Remove grokdocs subpackage. Docs are now created via a buildout recipe.03:02
*** astoon has joined #zope03:03
*** allisterb has joined #zope03:11
CIA-78ulif ulif-docs2sphinx * r119049 grok/doc/ Use `pkg_resources` to get version number.03:17
CIA-78ulif ulif-docs2sphinx * r119050 grok/doc/ Update year.03:17
*** alvaro_o has quit IRC03:17
*** davisagli is now known as davisagli|away03:19
*** tiwula has quit IRC03:24
*** fredvd|shop has quit IRC03:34
*** davisagli|away is now known as davisagli03:43
*** daMaestro has quit IRC03:46
*** davisagli is now known as davisagli|away03:47
*** davisagli|away is now known as davisagli04:00
*** davisagli is now known as davisagli|away04:02
*** davisagli|away is now known as davisagli04:25
*** shastry has quit IRC04:27
*** astoon has quit IRC05:29
*** davisagli is now known as davisagli|away05:32
*** davisagli|away is now known as davisagli05:36
*** davisagli is now known as davisagli|away05:46
*** davisagli|away is now known as davisagli05:52
*** benji has quit IRC06:14
*** redir has quit IRC06:26
*** davisagli is now known as davisagli|away06:34
*** astoon has joined #zope06:38
*** __mac__ has joined #zope06:50
*** davisagli|away is now known as davisagli06:55
*** sm has quit IRC07:49
*** redir has joined #zope07:55
*** davisagli is now known as davisagli|away08:07
*** astoon has quit IRC08:11
*** davisagli|away is now known as davisagli08:17
*** indraveni has joined #zope08:27
indravenihi all08:27
indravenidoes zope server supports http methods , PUT, POST, GET, TRACE etc08:28
indraveniis so how to configure it securely so that all those are denied and allow only post, get and options08:28
indravenias we do in apache server08:28
indraveniis this channel live?08:33
*** tisto has joined #zope08:38
*** zagy has joined #zope08:40
xanalogicaindraveni, the channel is live; there are 44 other people here08:40
xanalogicayour question is odd - yes, ZServer supports various HTTP methods but you don't enable/disable such low-level aspects.  You define permissions/roles on the objects within Zope.08:41
xanalogicaI know that Apache does that - but it does not match up with the way Zope works.08:42
*** wosc has joined #zope08:45
*** tisto is now known as tisto|away08:50
*** __mac__ has joined #zope08:55
*** indraveni has left #zope08:57
*** tisto|away is now known as tisto09:34
*** davisagli is now known as davisagli|away09:51
*** MrTango has joined #zope09:57
*** eperez has joined #zope10:00
*** goschtl has joined #zope10:12
*** neo|4D has joined #zope10:16
*** digitalmortician has joined #zope10:17
*** planetzopebot has quit IRC10:33
*** planetzopebot has joined #zope10:34
*** __mac__ has quit IRC10:38
*** __mac__ has joined #zope10:40
*** ccomb has joined #zope10:41
*** alga has joined #zope10:42
*** tisto is now known as tisto|away11:11
*** Theuni_ has joined #zope11:20
*** Theuni_ is now known as Guest740311:20
*** Guest7403 has quit IRC11:22
*** Theuni__ has joined #zope11:22
*** tmassman has joined #zope11:30
*** sunew has joined #zope11:33
*** sylvain has joined #zope11:34
*** menesis has joined #zope11:40
*** RichardBarrell has quit IRC12:01
CIA-78ulif ulif-docs2sphinx * r119051 grok/doc/ (upgrade.txt reference/functions.rst): Fix markup.12:03
CIA-78ulif ulif-docs2sphinx * r119052 grok/doc/contents.rst: Add glossary in tree structure.12:03
*** gwik has quit IRC12:08
*** xanalogica has quit IRC12:09
*** mr_jolly has joined #zope12:10
*** alga has quit IRC12:13
*** tmassman has quit IRC12:14
*** xanalogica has joined #zope12:23
*** alga has joined #zope12:24
*** gwik has joined #zope12:32
CIA-78ulif ulif-docs2sphinx * r119053 grok/doc/index.rst: Anchor contents.rst in doctree structure and give index a name.12:33
*** hever has joined #zope12:33
*** teix has joined #zope12:37
*** hever has quit IRC12:38
*** drmarkafriedman has joined #zope12:38
*** hever has joined #zope12:40
CIA-78ulif ulif-docs2sphinx * r119054 grok/doc/contents.rst: Include README.rst in toctree structure.12:48
CIA-78ulif ulif-docs2sphinx * r119055 grok/doc/README.rst: Update README to reflect changes.12:48
CIA-78ulif ulif-docs2sphinx * r119056 grok/CHANGES.txt: Tell more about the new documentation toolchain.12:48
*** goschtl has quit IRC13:03
*** mr_jolly has left #zope13:21
*** mr_jolly has joined #zope13:27
*** gayathri has joined #zope13:37
gayathriis there a way to hide the zope server signature13:37
betabugprobably in apache setup13:37
gayathriapache setup is hiding apache signature but not zope signature13:38
*** vipod has joined #zope13:38
betabugthere's just one "Server" header IIRC13:39
gayathriI don't know, but in my apache conf, i have server signature off and servertokens prod, still I see the following13:40
gayathriServer: Zope/(unreleased version, python 2.4.6, linux2) ZServer/1.1 Plone/3.3.513:40
gayathriwhen i see the http header information13:40
*** yvl has quit IRC13:43
gayathrithe information given in that link is hiding apache information13:43
gayathribut the above information is still available13:43
gayathrii am sorry not in http header i should say13:43
gayathriactually, I am trying to connect to my server using13:44
gayathritelnetl localhost 8013:44
betabugin which header then?13:44
gayathriand then13:44
gayathriOPTIONS / HTTP/1.113:44
gayathriin reply to this I see the above pasted Server:...13:44
gayathrican this be hided?13:44
*** yvl has joined #zope13:45
gayathrii have seen that post earlier, but din't get the monkey patch13:47
gayathriand how tht helps me in unclear13:47
betabugthere is no monkey patch13:47
betabugyou change it in the apache config13:47
betabuguse mod_headers or something13:48
gayathrior where that medusa module i can get13:48
betabugor ServerTokens13:48
*** __mac__ has quit IRC13:52
*** drmarkafriedman has quit IRC13:55
*** __mac__ has joined #zope13:56
*** menesis has quit IRC14:01
*** hever has quit IRC14:01
*** menesis has joined #zope14:02
gayathrithankyou so much, mod_headers worked perfect14:03
gayathrieven i see this, in my header14:04
gayathriwhich means all my http methods are allowed,14:04
gayathriwherein in apache i added all Limit directives14:04
gayathrihow do i deny all these methods, and i think they are of zope server and not of apache server14:05
gayathriand my vhost of apache of other directive shows that they are denied14:05
gayathribut vhost of zope configuration shows all these methods open14:05
*** _baton_ has joined #zope14:06
_baton_Hi, is there any best practices for running zope virtual hosting with ssl ?14:07
_baton_I have a strange situation with login form, everuthing works fine only in firefox14:07
*** gwik has quit IRC14:08
*** gwik has joined #zope14:09
*** ccomb has quit IRC14:15
walditeix: evidence for that? for the attacker it is usualy much easier to launch all the attacks instead of selecting the correct ones. also this information may be incorrect14:15
teixwaldi: right! following those steps doesn't mean site will be more secure14:17
teixwaldi: as mentioned on apache docs: «Frequently, people want to remove this information, under the mistaken understanding that this will make the system more secure. This is probably not the case, as the same exploits will likely be attempted regardless of the header information you provide.»14:18
teixwaldi: but i'm just trying to help gayathri anyway :)14:18
gayathriso how about disabling those http methods of the zope server14:26
gayathriis there any configuration to be done in zope configuration file?14:27
waldigayathri: nope. this are all standard methods14:32
*** fredvd has joined #zope14:32
*** fredvd|meeting has joined #zope14:33
*** menesis has quit IRC14:34
*** fredvd|sport has joined #zope14:35
*** menesis has joined #zope14:35
*** benji has joined #zope14:36
*** fredvd|sport is now known as fredvd_14:36
*** benji has quit IRC14:36
gayathriok this also i was able to manage with mod_headers14:36
gayathrithanks to all14:36
betabugcool, glad it worked14:37
*** fredvd has quit IRC14:37
betabug_baton_: check
*** fredvd|meeting has quit IRC14:38
_baton_betabug, thanks for attention, but is broken14:39
*** gayathri has quit IRC14:39
betabugmaybe I made a mistake in the link14:39
_baton_meanwhle, I am intersintg if I have running instance on  http://localhost:8092/VirtualHostBase/https/testapp.localhost:443/portal/VirtualHostRoot/14:40
betabug_baton_: anyway, head over to for your rewrite rule14:40
_baton_do testapp.localhost works both http and https ?14:40
betabugdo not try to debug rewriterules, just get a working one14:41
betabugdunno what is different, but that works14:41
teixbetabug: capital Z :)14:42
betabugoh, zope2 instead of Zope2, fun14:42
betabugyeah, just noticed14:42
betabugteix: how's life in .pt? everything fine?14:42
teix_baton_: witches give you working rewrite rules! :)14:43
teixbetabug: fine thanks!14:43
teixbetabug: well almost... we are bombed all days with those crisis news on TVs and papers14:45
teixbetabug: but *real* life is running well :)14:45
betabughaha, you ain't see nothing yet14:45
betabugteix: I sincerely hope your politicians will not f* up to the level of those criminals that they call "politicians" here14:45
teixbetabug: let's see...14:46
teixbetabug: but politicians popularity drops a lot on last few months14:46
teixbut that is happening worldwide, i think...14:47
*** thetet has joined #zope14:47
*** vipod has quit IRC14:53
*** vipod has joined #zope14:54
betabugwell, the problem is that their popularity drops from all parties at once, so there is nobody that you honestly still can vote... result: the same bandits in government again14:58
betabugwell, enough politics :-)14:58
teixbetabug: I agree! with both sentences :)15:01
*** alga has quit IRC15:03
*** zagy1 has joined #zope15:08
*** zagy has quit IRC15:08
CIA-78ulif * r119057 grokcore.content/src/grokcore/content/ Extent documentation from grokdocs.15:19
*** nitrogenycs has joined #zope15:22
*** J1m has joined #zope15:45
*** wosc has quit IRC15:45
*** __mac__ has quit IRC15:55
*** zagy1 has quit IRC16:02
*** zagy has joined #zope16:03
*** zagy has quit IRC16:05
*** zagy has joined #zope16:05
*** digitalmortician has quit IRC16:05
*** tisto|away is now known as tisto16:20
*** Arfrever has joined #zope16:21
*** alga has joined #zope16:30
*** jim_SFU has joined #zope16:44
*** jim_SFU has quit IRC16:57
*** jim_SFU has joined #zope16:57
*** chaoflow_ has quit IRC16:58
*** chaoflow has joined #zope16:58
giampaolo this is an error I got in my zope log. Why is it compressed? Is there a way to get/log the original/complete traceback?17:10
betabuggiampaolo: compressed? I seem to be seeing a complete traceback17:11
giampaolono that's not17:12
betabugsomehow it's trying to create a fax group 4 image?17:12
betabuggiampaolo: what do you miss?17:12
giampaoloit does not tell the last call who caused the error, it only tells the method where that happened17:13
giampaolowhich is create_jpg()17:13
giampaolo...but my create_jpg() is long... =)17:13
betabugModule PIL.ImageFile, line 180, in load called _getdecoder17:13
betabugand Module PIL.Image, line 376, in _getdecoder fails, with IOError: decoder group4 not available17:13
betabugline 234 in create_jpg is specific enough usually17:14
betabugbut I don't know Products.INGBookService.bookservice_page :-)17:14
mgedmindo you need to?17:14
mgedminPIL is unable to load that jpeg17:15
giampaoloI'm not interested in PIL.Image... I wanna know the last call of MY code who caused the error. And being that a compressed traceback message I can't17:15
mgedmineither that jpeg is broken, or PIL is broken (e.g. built without jpeg support)17:15
mgedminisn't INGBookService your code?17:16
betabuggiampaolo: well, what's on line 234 of bookservice_page ?17:16
betabugmgedmin: I don't think so, I think there is something telling PIL that a Fax image is asked for17:17
mgedmin(d'oh, jpg is the output format, not the input)17:17
betabugah, so PIL is thinking that it is *getting* a fax image!17:18
betabugsomeone uploaded something with a strange extension I would guess!17:18
*** dayne has joined #zope17:18
*** digitalmortician has joined #zope17:20
giampaoloI'm not sure either, what annoys me is that that's NOT the original traceback message17:25
*** zagy has quit IRC17:27
*** zagy has joined #zope17:28
betabugyou're not sure what's on line 234?17:29
*** zagy has quit IRC17:29
giampaoloexactly, at line 234 I have a method, INSIDE that method a make a certain call which then causes the PIL error. In a standard python traceback message that part is expanded and shows exactly what call caused the error17:33
betabughmm, I've never heard nor seen a "compressed traceback" in python17:34
betabugif it says 234, that's where my error is17:35
giampaolobetabug: if you take a look at that traceback message it's clear that is somewhat "compressed" as it's not indented17:36
betabugit is17:36
betabugall the lines starting with "Module" are indented17:36
betabugand in python docs I don't see anything that would "compress" a traceback17:37
betabugonly "limit" to limit number of entries17:38
_mup_Bug #234788: Phatch doesn't support decoder group4 TIF <Phatch:Fix Released by stani> <python-imaging (Ubuntu):New> < >17:38
giampaoloTHAT is an actual traceback message17:38
giampaolosee? it contains the module paths17:38
giampaolomy traceback message don't17:38
giampaoloyou can modify the traceback in python, for example by using a bare try/except clause and then use the traceback module17:39
giampaolomy best guess is that Zope does something like that17:40
betabughmmm, let me check17:40
betabugprobably yeah17:41
giampaoloyeha... :\17:41
giampaolowhy the heck they did that I don't know17:41
betabugmakes event.log neater17:42
giampaoloand developers life harder =)17:42
betabugI never even noticed, to tell the truth17:42
giampaoloand also, I have the impression that the traceback is compressed also when the server runs in foreground, in which case there's no even need to neat anything17:43
mgedminzope uses its own exception formatter17:43
mgedminfor security reasons -- do not expose filesystem paths, do not expose source code17:44
* mgedmin shrugs17:44
mgedminI believe you can find the original Python traceback in the log file17:44
mgedminbut it won't tell you anything more: line 234 is it17:44
betabugyeah, I doubt that the line number is wrong17:45
betabugthat would be really weird for a formatter to change17:45
giampaolomgedmin: is there a way to tell Zope not to do that (have plain tracebacks)?17:47
mgedminI don't remember17:47
mgedmintry poking in /Control_Panel/error_log or whatever it's called17:47
CIA-78menesis * r119058 (CHANGES.txt Preparing release 3.6.117:54
CIA-78menesis * r119059 / Tagging 3.6.117:54
CIA-78menesis * r119060 (CHANGES.txt Back to development: 3.6.217:54
CIA-78menesis 3.5 * r119061 (CHANGES.txt Preparing release 3.5.117:54
CIA-78menesis * r119062 / Tagging 3.5.117:54
CIA-78menesis 3.5 * r119063 (CHANGES.txt Back to development: 3.5.217:54
*** digitalmortician has quit IRC18:06
*** alvaro_o has joined #zope18:08
*** davisagli|away is now known as davisagli18:08
*** supton has joined #zope18:08
*** neo|4D has quit IRC18:14
*** davisagli is now known as davisagli|away18:15
*** sm has joined #zope18:18
*** tiwula has joined #zope18:22
*** alvaro_o has quit IRC18:28
*** alvaro_o has joined #zope18:28
*** dayne has quit IRC18:29
*** menesis has quit IRC18:42
*** sm_ has joined #zope18:45
*** giampaolo has quit IRC18:46
*** sm has quit IRC18:48
*** sm_ is now known as sm18:48
*** cwarner_ has joined #zope18:52
*** redir has quit IRC19:01
*** davisagli|away is now known as davisagli19:03
*** digitalmortician has joined #zope19:05
*** tisto has quit IRC19:08
*** alvaro_o has quit IRC19:08
*** TomBlockley has joined #zope19:10
*** alvaro_o has joined #zope19:10
*** MrWu has joined #zope19:14
*** vipod_ has joined #zope19:22
*** hever has joined #zope19:22
*** vipod has quit IRC19:23
*** vipod_ is now known as vipod19:23
*** supton has quit IRC19:24
*** allisterb has quit IRC19:28
*** Theuni__ has quit IRC19:29
*** supton has joined #zope19:29
*** thetet has left #zope19:35
*** vipod_ has joined #zope19:35
*** fredvd_ has quit IRC19:36
*** RichardBarrell has joined #zope19:38
*** vipod has quit IRC19:38
*** vipod_ is now known as vipod19:38
*** agroszer has joined #zope19:43
*** allisterb has joined #zope19:44
*** vipod has quit IRC19:47
*** sunew has quit IRC19:54
*** eperez has quit IRC19:55
*** ccomb has joined #zope19:58
*** MrWu has quit IRC20:14
*** mcdonc has quit IRC20:24
*** mcdonc has joined #zope20:25
*** supton has quit IRC20:25
*** sm has quit IRC20:34
*** sm has joined #zope20:36
*** alga has quit IRC20:47
*** alga has joined #zope20:48
*** redir has joined #zope20:54
*** redir_ has joined #zope20:54
*** alga_ has joined #zope20:55
*** redir has quit IRC20:58
*** alga has quit IRC20:59
*** TomBlockley has quit IRC21:01
*** RichardBarrell has left #zope21:09
*** RaceCondition has joined #zope21:10
*** hever has quit IRC21:11
*** redir_ is now known as redir21:25
*** agroszer has quit IRC21:27
*** teix has quit IRC21:44
*** hever has joined #zope22:02
*** hever has quit IRC22:03
*** sylvain has quit IRC22:22
*** gwik has quit IRC22:26
*** Theuni_ has joined #zope22:30
*** Theuni_ is now known as Guest13822:31
*** cwarner_ has quit IRC22:34
*** snaffu has joined #zope22:42
*** RaceCondition has quit IRC22:46
*** xanalogica has quit IRC22:49
*** RaceCondition has joined #zope22:58
*** RaceCondition has quit IRC22:58
*** gwik has joined #zope23:06
*** Guest138 has quit IRC23:44
*** chaoflow has quit IRC23:53
*** chaoflow has joined #zope23:56

Generated by 2.15.1 by Marius Gedminas - find it at!