www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick A Linstruth <patr...@QNET.COM>
Subject Re: pending/2617: Protecting <APPLET> with mod_access and mod_setenvif
Date Wed, 15 Jul 1998 00:40:00 GMT
The following reply was made to PR pending/2617; it has been noted by GNATS.

From: Patrick A Linstruth <patrick@QNET.COM>
To: Marc Slemko <marcs@znep.com>
Cc: apbugs@hyperreal.org
Subject: Re: pending/2617: Protecting <APPLET> with mod_access and mod_setenvif
Date: Tue, 14 Jul 1998 17:30:29 -0700 (PDT)

 One other thing that might help, the GET request produced from
 
    <APPLET CODEBASE="/java/" CODE="HelloWeb.class" WIDTH=200 HEIGHT=200>
 
 shows up in "access_log" but not "referer_log".
 
 Patrick
 
 --
 Patrick A. Linstruth
 Quantum Networking Solutions, Inc.
 
 (805) 538-2028
 (805) 538-2859 FAX
 
 
 On Tue, 14 Jul 1998, Marc Slemko wrote:
 
 > Date: Tue, 14 Jul 1998 16:34:46 -0700 (PDT)
 > From: Marc Slemko <marcs@znep.com>
 > To: Patrick Linstruth <patrick@qnet.com>
 > Cc: apbugs@hyperreal.org
 > Subject: Re: pending/2617: Protecting <APPLET> with mod_access and mod_setenvif
 > 
 > On 14 Jul 1998, Patrick Linstruth wrote:
 > 
 > > Here's my HTML code:
 > > 
 > > <APPLET CODEBASE="/java/" CODE="HelloWeb.class" WIDTH=200 HEIGHT=200>
 > > <PARAM NAME="user" VALUE="%u">
 > > [HelloWeb applet]
 > > </APPLET>
 > 
 > Erm... just what do you expect to be denied?
 > 
 > If someone accesses a page on your site that loads /java/HelloWeb.class
 > then of course the refer will be from your site.
 > 
 > The only time you would expect differently is if you had the above HTML on
 > a different server and changed the URL to point to your server.
 > 
 

Mime
View raw message