Ross Thomas wrote:
>
> > I wrote an ASP page that returned an excel table based on POST parameters.
>
> You should really use GET to get data, but then I'm hyper-critical ;)
>
> > My scripts now always have on start:
> >
> > if ($Request->{Method} !~ /GET|POST/) {
> > $Response->{Status} = 500;
> > $Response->End();
> > }
>
> Perhaps some kind of option along the lines of DenyUnusualMethods could be
> set to true to have Apache::ASP deal with this automatically? Shouldn't be
> too hard to implement.
>
I believe this should be done as an Apache configuration, for example:
<Limit PUT DELETE OPTIONS>
Order allow,deny
Deny from all
</Limit>
Apache::ASP scripts just run when called, but controlling
the access to the scripts should not need another config
that is ASP specific. I hesitate to add any config paramters
unnecessarily because the bloat of them adds to the runtime
overhead of processing scripts for everyone.
-- Josh
_________________________________________________________________
Joshua Chamas Chamas Enterprises Inc.
NodeWorks Founder Huntington Beach, CA USA
http://www.nodeworks.com 1-714-625-4051
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
