httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Malo>
Subject Re: cvs commit: httpd-2.0 STATUS
Date Thu, 27 Mar 2003 15:24:45 GMT
* Jeff Trawick wrote:

>>   +    * Forward port: Escape special characters (especially control
>>   +      characters) in mod_log_config to make a clear distinction between
>>   +      client-supplied strings (with special characters) and server-side
>>   +      strings. This was already introduced in version 1.3.25.
>>   +    * Fix mod_rewrite's path handling. It's essentially broken for non-unices
>>   +      for ages. PR 12902.
> alternative opinion: neither of these are showstoppers... 

Sure :)

> not a
> security problem,

hmm. Bogus characters _can_ break the logfiles and it was never ported to 
2.x. At least it may prevent some people to switch from 1.3 to 2.x.
But ok, it may be a question of taste.

> not new breakage compared with previous release,
> instead something that has been working that way for ages and will not
> be an unpleasant surprise to anyone

mod_rewrite was finally broken in
which is 2.0.27 (log time ago). Before this change it was mostly usable by 
some workarounds. The change was unfortunately backported to 1.3.25
which made it also unusable in nearly all cases in 1.3.

I'm still considering the mod_rewrite fix to be _very_ important. The very 
small subset of RewriteRules that do work on non-unices is IMHO not 
sufficient for a *GA* version.

package Hacker::Perl::Another::Just;print
qq~@{[reverse split/::/ =>__PACKAGE__]}~;

#  André Malo  #  #

View raw message