httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject cvs commit: httpd-2.0/modules/metadata mod_cern_meta.c
Date Thu, 13 Dec 2001 17:24:27 GMT
wrowe       01/12/13 09:24:27

  Modified:    modules/metadata mod_cern_meta.c
  Log:
    Not really an XXX here
  
  Revision  Changes    Path
  1.35      +7 -1      httpd-2.0/modules/metadata/mod_cern_meta.c
  
  Index: mod_cern_meta.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/metadata/mod_cern_meta.c,v
  retrieving revision 1.34
  retrieving revision 1.35
  diff -u -r1.34 -r1.35
  --- mod_cern_meta.c	2001/05/07 14:03:59	1.34
  +++ mod_cern_meta.c	2001/12/13 17:24:27	1.35
  @@ -361,10 +361,16 @@
   		 dconf->metasuffix ? dconf->metasuffix : DEFAULT_METASUFFIX,
   			   NULL);
   
  -    /* XXX: it sucks to require this subrequest to complete, because this
  +    /* It sucks to require this subrequest to complete, because this
        * means people must leave their meta files accessible to the world.
        * A better solution might be a "safe open" feature of pfopen to avoid
        * pipes, symlinks, and crap like that.
  +     *
  +     * In fact, this doesn't suck.  Because <Location > blocks are never run
  +     * against sub_req_lookup_file, the meta can be somewhat protected by
  +     * either masking it with a <Location > directive or alias, or stowing
  +     * the file outside of the web document tree, while providing the
  +     * appropriate directory blocks to allow access to it as a file.
        */
       rr = ap_sub_req_lookup_file(metafilename, r, NULL);
       if (rr->status != HTTP_OK) {
  
  
  

Mime
View raw message