Return-Path: <trawick@apache.org>
Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm
Delivered-To: mailing list cvs@httpd.apache.org
Received: (qmail 74523 invoked by uid 500); 29 Aug 2001 12:30:24 -0000
Delivered-To: apmail-httpd-2.0-cvs@apache.org
Received: (qmail 74519 invoked from network); 29 Aug 2001 12:30:24 -0000
Received: from icarus.apache.org (64.125.133.21)
  by daedalus.apache.org with SMTP; 29 Aug 2001 12:30:24 -0000
Received: (qmail 68520 invoked by uid 1121); 29 Aug 2001 12:29:36 -0000
Date: 29 Aug 2001 12:29:36 -0000
Message-ID: <20010829122936.68519.qmail@icarus.apache.org>
From: trawick@apache.org
To: httpd-2.0-cvs@apache.org
Subject: cvs commit: httpd-2.0/modules/metadata mod_usertrack.c
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
Status: O
X-Status: 
X-Keywords: 
X-UID: 591

trawick     01/08/29 05:29:36

  Modified:    modules/metadata mod_usertrack.c
  Log:
  From Mark Cox:
  
  I've had a couple of emails from users using mod_usertrack for authentication.
  Add the equivalent of a "warning: coffee may be hot" label, and fix a broken
  email address at the same time.
  
  Submitted by:	Mark Cox
  
  Revision  Changes    Path
  1.33      +6 -13     httpd-2.0/modules/metadata/mod_usertrack.c
  
  Index: mod_usertrack.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/metadata/mod_usertrack.c,v
  retrieving revision 1.32
  retrieving revision 1.33
  diff -u -r1.32 -r1.33
  --- mod_usertrack.c	2001/08/16 10:48:53	1.32
  +++ mod_usertrack.c	2001/08/29 12:29:36	1.33
  @@ -58,10 +58,13 @@
   
   /* User Tracking Module (Was mod_cookies.c)
    *
  + * *** IMPORTANT NOTE: This module is not designed to generate
  + * *** cryptographically secure cookies.  This means you should not
  + * *** use cookies generated by this module for authentication purposes
  + *
    * This Apache module is designed to track users paths through a site.
    * It uses the client-side state ("Cookie") protocol developed by Netscape.
  - * It is known to work on Netscape browsers, Microsoft Internet
  - * Explorer and others currently being developed.
  + * It is known to work on most browsers.
    *
    * Each time a page is requested we look to see if the browser is sending
    * us a Cookie: header that we previously generated.
  @@ -84,18 +87,8 @@
    * Example 2 : If you used to use the old "CookieLog" directive, you
    * can emulate it by adding the following command to your config file
    *       CustomLog filename "%{Cookie}n \"%r\" %t"
  - *
  - * Notes:
  - * 1.  This code now logs the initial transaction (the one that created
  - *     the cookie to start with).
  - * 2.  This module has been designed to not interfere with other Cookies
  - *     your site may be using; just avoid sending out cookies with
  - *     the name "Apache=" or things will get confused.
  - * 3.  If you want you can modify the Set-Cookie line so that the Cookie
  - *     never expires.  You would then get the same Cookie each time the
  - *     user revisits your site.
    *
  - * Mark Cox, mark@ukweb.com, 6 July 95
  + * Mark Cox, mjc@apache.org, 6 July 95
    *
    * This file replaces mod_cookies.c
    */