httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Stein <gst...@lyra.org>
Subject Re: cvs commit: httpd-2.0 STATUS
Date Fri, 23 Jan 2004 23:49:21 GMT
On Fri, Jan 23, 2004 at 11:28:28PM +0100, André Malo wrote:
> * Joe Orton <jorton@redhat.com> wrote:
> 
> > On Mon, Jan 12, 2004 at 12:04:38AM -0000, nd@apache.org wrote:
> > >        * mod_dav: Reject requests including fragment part in the
> > >        Request-URI.
> > >          http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/main/mod_dav.c?r1=1.102&r2=1.103
> > >          PR: 21779
> > >          +1: jorton
> > >   +        nd asks: Should we make it runtime configurable either to 400,
> > >   drop the+                 fragment or just treat it as part of the
> > >   filename?
> > 
> > I missed this till now, sorry.  I don't see why it's worth a config
> > option: the client is generating an invalid request, so let it break
> > rather than trying to second-guess the escaping rules.  The error_log 
> > message makes it clear what is wrong.
> 
> Hmm, and then? I'd see it as a workaround for buggy clients like the
> "redirect-carefully" variable.

It's a matter of degree. Just how many clients are broken, and what
percentage of traffic do they represent? The redirect-carefully was put in
because of a great many, popular clients were borken.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/

Mime
View raw message