httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Westland <erikwestl...@yahoo.com>
Subject Re: Input filter to process POST variables (e.g. mod_form)
Date Sun, 29 Mar 2009 10:48:49 GMT

----- Original Message ----

> From: Nick Kew <niq@apache.org>
> To: modules-dev@httpd.apache.org
> Sent: Wednesday, March 25, 2009 4:10:39 PM
> Subject: Re: Input filter to process POST variables (e.g. mod_form)
> 
> 
> On 25 Mar 2009, at 14:34, Erik Westland wrote
> 
> > 
> >> From: Erik Westland 
> >> To: modules-dev@httpd.apache.org
> >> Sent: Saturday, March 21, 2009 11:22:52 PM
> >> Subject: Input filter to process POST variables (e.g. mod_form)
> 
> 
> I'm sure I recollect replying to that question a few days ago:
> in fact my mailer shows your question as replied to.  Guess
> maybe it got lost in the ether.
> 
> >> It seems that "mod_form" (see: http://apache.webthing.com/mod_form/) does the
> >> parameter processing, but comes with the following ominous caveat:
> >> "mod_form works with GET but is largely untested under POST, and appears to

> have
> >> problems with POST and HTTP Keepalive. That will be fixed, but it's not
> >> currently a priority."
> 
> There was some test case where it hung.  I've also had reports of it working
> successfully with POST.
> 
> >> Q: Does anyone know if this is safe to use? Their support page lists mod_form
> >> as: "unlikely to represent value to you."
> 
> That means I don't want anyone making the voluntary donation my pages invite
> on the false premise that it's a tried-and tested production-grade module.
> 
> >> Q: Is there another alternative to writing my own? If not, any idea what the
> >> keepalive issue was?
> 
> mod_request (didn't exist when I wrote mod_form).  Or apreq (did exist,
> but a more heavyweight solution).
> 
> >> Q:  Apache processes variables in the URL (parses into r->args) during POST
> >> requests, but the mod_form implementation doesn't look for r->args when 
> handling
> >> POST requests. Is this disallowed/discouraged in the spec or an oversight in

> the
> >> implementation?
> 
> Both.  It's an edge case, and a mod_form incompleteness.  But it won't bite you
> unless your application uses a POST form with a query_string in the action.
> Or perhaps does similar for non-browser data.
> 

Nick,

Thanks for the tip on libapreq, it should work for me (until mod_request is generally available).
I am having some issues using it though, it seg faults when I POST data AND ask for the body
in my input filter. I am assuming I am doing something out of sequence (hopefully not violating
some operational principle), but need to dig more (and post to the apreq-dev group).

BTW - I am open to giving to donations to you (or anyone else of similar caliber) to answer
about 20 mins of questions. I will be in the SF Bay Area this afternoon. If you are interested,
drop me a message (erikwestland  yahoo com).

Cheers,
Erik


      

Mime
View raw message