On Thu, May 20, 2010 at 02:51:30PM -0700, Micah Cowan wrote: > Hm... a problem with this is that it also applies to the case when > someone is recursively-fetching, and the remote server is (even > accidentally) misconfigured to include .htaccess in auto-generated > indexes (and to allow public reading of that file). No obvious way to > avoid that situation that I can think of... might be worth documenting > somewhere.
Yes, the recursive-fetching risks probably need to be addressed in the documentation only, not in the code. I think they're also more likely to be expected by the users. Alexander