httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ray Morris <supp...@bettercgi.com>
Subject Re: Problem with ap_internal_redirect_handler
Date Tue, 24 Aug 2010 12:56:34 GMT
    This sounds to me like an access_checker, which should be
called from the access_checker hook.  Filters, as I understand
it, are for transforming the content - compressing it, for example.
Entirely replacing the content with an unrelated document sounds
like an abuse of filters.  I wonder if this might be a case of
"if all you have is a hammer ..."

   On a different note, if this CAPTCHA (until recently called a
Turing image) is just to reduce spam, great.  If it's part of a
system designed to actually be secure, be very very careful.
I'm very much a jack of all trades.  Mostly, I learn by trial and
error.  There are only two areas I don't learn by trial and
error, because error is not acceptable.  Explosives and system
security.
--
Ray Morris
support@bettercgi.com

Strongbox - The next generation in site security:
http://www.bettercgi.com/strongbox/

Throttlebox - Intelligent Bandwidth Control
http://www.bettercgi.com/throttlebox/

Strongbox / Throttlebox affiliate program:
http://www.bettercgi.com/affiliates/user/register.php


On 08/24/2010 07:29:53 AM, Martin Townsend wrote:
>  On 24/08/2010 11:19, Ben Noordhuis wrote:
>> On Tue, Aug 24, 2010 at 11:50, Martin Townsend
>> <martin.townsend@power-oasis.com>  wrote:
>>> Do you mean setting a request note from the input filter that an  
>>> output
>>> filter picks up which can then output the captcha.shtml?
>> Yes, if your module consists of filters only. If it also includes a
>> content generator, I'd probably do it from there. But you know your
>> code best so pick the most appropriate solution.
> 
> I don't have a content generator.   Can I call  
> ap_internal_redirect_handler to perform the redirect from my output  
> filter or do I have to destroy the original bucket brigade and load  
> the contents of captcha.shtml into a new one (in which case how do I  
> ensure that the SSI output filter is called as captcha.shtml contains  
> SSI).  If I can call ap_internal_redirect_handler how do I stop the  
> original request from generating a response after  
> ap_internal_redirect_handler returns?
> 
> Best Regards,
> Martin.
> 

Mime
View raw message