Closed GoogleCodeExporter closed 9 years ago
Technically one could argue that an access handler should never really be
returning a HTTP_NOT_FOUND as that isn't what it is intended to be used for.
Its purpose is to check whether access is permitted or not and since user
authorisation is not involved, the only appropriate way of flagging that is
through a HTTP_FORBIDDEN response.
So, although mod_python may have allowed you to do that because of its Apache
generic handler interface, it is a questionable practice.
The access handler in mod_wsgi was also intended to complement what mod_access
in Apache does. Ie., the Deny/Allow macros for host based access control. It is
not intended to be a general means of providing a access handler. As such, like
mod_access, it only returns HTTP_FORBIDDEN when False is returned. I am not
inclined to change this at this point.
Original comment by Graham.Dumpleton@gmail.com
on 3 May 2011 at 12:20
Closing out old issue that not intending to take action on.
Original comment by Graham.Dumpleton@gmail.com
on 12 Nov 2014 at 10:41
Original issue reported on code.google.com by
jasper%l...@gtempaccount.com
on 1 May 2011 at 7:14