httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From noi...@apache.org
Subject svn commit: r414143 - /httpd/httpd/trunk/docs/manual/mod/mod_usertrack.xml
Date Wed, 14 Jun 2006 08:23:35 GMT
Author: noirin
Date: Wed Jun 14 01:23:34 2006
New Revision: 414143

URL: http://svn.apache.org/viewvc?rev=414143&view=rev
Log:
Corrections & clarifications
Submitted by Matt Lewandowsky

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_usertrack.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_usertrack.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_usertrack.xml?rev=414143&r1=414142&r2=414143&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_usertrack.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_usertrack.xml Wed Jun 14 01:23:34 2006
@@ -122,7 +122,21 @@
 
     <p>The domain string <strong>must</strong> begin with a dot, and
     <strong>must</strong> include at least one embedded dot. That is,
-    ".foo.com" is legal, but "foo.bar.com" and ".com" are not.</p>
+    <code>.foo.com</code> is legal, but <code>foo.bar.com</code>
and 
+    <code>.com</code> are not.</p>
+
+    <note>Most browsers in use today will not allow cookies to be set
+    for a two-part top level domain, such as <code>.co.uk</code>, 
+    although such a domain ostensibly fulfills the requirements
+    above.<br /> 
+    
+    These domains are equivalent to top level domains such as
+    <code>.com</code>, and allowing such cookies may be a security
+    risk. Thus, if you are under a two-part top level domain, you
+    should still use your actual domain, as you would with any other top
+    level domain (for example <code>.foo.co.uk</code>).
+    </note> 
+	    
 </usage>
 </directivesynopsis>
 
@@ -209,7 +223,8 @@
 
     <p>Not all clients can understand all of these formats. but you
     should use the newest one that is generally acceptable to your
-    users' browsers.</p>
+    users' browsers. At the time of writing, most browsers only fully
+    support <code>CookieStyle Netscape</code>.</p>
 </usage>
 </directivesynopsis>
 
@@ -229,12 +244,13 @@
 <override>FileInfo</override>
 
 <usage>
-    <p>When the user track module is compiled in, and
-    "CookieTracking on" is set, Apache will start sending a
+    <p>When <module>mod_usertrack</module> is loaded, and
+    <code>CookieTracking on</code> is set, Apache will send a
     user-tracking cookie for all new requests. This directive can
     be used to turn this behavior on or off on a per-server or
-    per-directory basis. By default, compiling mod_usertrack will
-    not activate cookies. </p>
+    per-directory basis. By default, enabling
+    <module>mod_usertrack</module> will <strong>not</strong> 
+    activate cookies. </p>
 
 </usage>
 </directivesynopsis>



Mime
View raw message