> >On the sh-httpd front, I don't think there will be a lot of work > >required, and sh-httpd is already in the LEAF CVS tree, so probably a > >few leaf-devel posts (and a lot of beta-testing) is all that's required. > > IMHO there are 2 issues > > 1) the POST/GET functionality must be checked and maybe enhanced
AFAIK, the GET functionality works without issue, but more testing (especially by someone familiar with CGI behavior) would definately be a "good thing" (tm). I have yet to examine the POST patch in detail, but there are no issues I'm aware of that would prevent sh-httpd from properly implementing the POST method with nothing but shell-script and common utilities (like dd). Another feature for the wish-list is connection-keepalive, which would help performance (especially with some versions of MS browsers, which assume connection-keepalive, even if the web server sends a connection-close). > 2) authentication may be an issue, but maybe this would bloat weblet, > especially if we still want to support floppies I'd prefer to avoid the authentication entirely with sh-httpd, but basic authentication may be required. Note that even if implemented, I wouldn't really consider this amazingly secure...it would simply be a way to provide some sort of password so Junior couldn't edit the firewall rules on a whim, enabling the latest [mal|share]ware program to work. I think any form of secure authentication, as well as any encryption or tunneling should be handled by a seperate program (ie ssh, ssl, zeebee, or similar). Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
