httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From (Doug MacEachern)
Subject Re: mod_perl testing
Date Thu, 02 May 1996 13:01:33 GMT
At 08:17 AM 5/2/96 +0200, Gisle Aas wrote:
>In message <>, Doug MacEachern writes:
>> It's not quite there yet, but enough is there for testing.
>Good to hear that you have progress.
>> o Currently, we keep the 'Authorization' header from the script.
>>   opinions?
>I know several applications that could do something useful with this
>header.  Can't we make this an option in the configuartion files of
>Apache, (and make the same option pass the Authorization header to CGI
>scripts as well.)

Yes, I agree and was hoping others would too.  But sadly, there are trouble
makers out there, who could snarf people's passwords plenty of ways, but
this just makes it too easy.  I've left it out for now, looking for
suggestions such as yours.  It's really just a matter of who should decide
what scripts can have access to this information.  We could have a
configuration option, and for those who still are not comfortable with this,
add the option to compile with -DDONT_ALLOW_THIS_OPTION
Other thoughts?

Thanks for the comments,

>> o Should we have an file?  Currently mod_perl does the 'bootstrap
>> Apache'.
>Fewer files means faster startup!
>> o Some methods such as $r->set_content_type could stand to loose the set_ pre
>>   provided then return a value.
>>   $ct = $r->content_type; #get it
>>   $r->content_type("text/html"); #set it
>>   opinions?
>This is pretty standard for perl modules.  Just do it.
>> o Add other methods would be handy to have.
>I am sure they will pop up as we go along...

View raw message