httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rose, Billy" <>
Subject RE: mod_auth_referer
Date Wed, 01 May 2002 19:54:19 GMT
Therein lies the beauty of the configure script. IMHO an (average) admin
would rather add a few simple readable directives as opposed to learning a
pseudo programming technique in the config file. Not all admins are power
users, but rather some poor sap that got voted to do the job because nobody
else has the time, and he/she has to cram to learn the ins-and-outs of
Apache. Usually they don't even know the proper way to start the server, and
have to read through the docs to get that far. That is the primary reason
IIS took so well to the web world. Just click-click-click and the average
Joe has a site up and running in seconds. Add a few simple directives that
everyone can read and know what they mean, and those admins with less
experience can be up in minutes. The configure options allows them to
include only those options (directives) they want. The SetEnvIf option is
still there for the power users so they can tweak the server until it talks
to them in their dreams.

Billy Rose

> -----Original Message-----
> From: Joshua Slive []
> Sent: Wednesday, May 01, 2002 2:30 PM
> To: ''
> Subject: RE: mod_auth_referer
> On Wed, 1 May 2002, Rose, Billy wrote:
> > Performance, and functional separation. No environment variables are
> > created/referenced. It is obvious to a web admin (average Joe) what
> > mod_auth_referer does, but not so obvious what SetEnvIf 
> does in relation to
> > specific needs. This makes a specific function a component 
> with separation
> > of logic from a more general base.
> If there is a performance problem with the env variable 
> technique, then
> that performance problem should be fixed.  (In particular, it has been
> suggested we need a non-regex way of conditionally adding env 
> variables.)
> There is nothing inherent in using environment variables that 
> should make
> things slow.
> I agree that some people would find your technique easier, 
> but I believe
> that could be fixed by better docs.  Plus once people learn the env
> variable technique, they can use the same thing for a bunch of other
> purposes, rather than having to learn new directives each time.
> As for functional separation, it is hard to argue that replicating
> generalized and flexible functionality with special purpose 
> code leads to
> a cleaner program.  You'll notice that by using the general purpose
> technique, you can already do all the things you mention your module
> lacks: directory-level config, integration with other access controls,
> etc.
> I won't veto the addition of your module, but I also won't support it.
> People around here probably know already I have a bias towards general
> purpose directives that allow one set of code to do multiple things,
> rather than adding a new directive for each function.  Yes, 
> it can be a
> little harder to learn initially.  But once you know it, you are much
> better off.
> Joshua.

View raw message