Re: make test fails in modules/include.t

Sat, 21 Aug 2004 13:54:31 -0700

André Malo wrote: 
* Stas Bekman <[EMAIL PROTECTED]> wrote:


according to the Apache docs:
http://httpd.apache.org/docs-2.0/en/mod/core.html#options
IncludesNoExec disables #cmd and #exec, but no #include virtual

I suppose mod_include has introduced this feature w/o documenting it? 


It's just bad documented:

| IncludesNOEXEC
|     Server-side includes are permitted, but the #exec cmd and #exec cgi are
| disabled. It is still possible to #include virtual CGI scripts from
| ScriptAliased directories.

It doesn't say, *when* it's possible. The "text/"-thing is just missing. 

So it probably should say:

It is still possible to #include virtual CGI scripts from ScriptAliased directories, as long as those scripts don't return Content-type starting with 'text/'.

(which is still vague for the end users, since it's possible that Apache will set the Content-type on behalf of the script)

besides I can't see the point of this protection, since it's easy to bypass it, setting a different C-T header, no?

So Thomas, thanks for the fix (I don't know why I can't reproduce the problem here).


Probably another handler/type set.

No, it's the mod_perl test suite. It doesn't fail for me with IncludesNoExec, with the same Apache 2.0.50. You can try it yourself, running:

t/TEST -v t/modules/include.t

after you've built modperl-2.0.

The config for this test lives in t/conf/extra.conf.in.

And Apache docs folks, please add to that section:
http://httpd.apache.org/docs-2.0/en/mod/core.html#options that #include virtual may require Includes (instead of IncludesNoExec), if the included file sets a content type matching "^text/" regex.


You could add it yourself ;-) 

But I trust you to do a better job :)

Thanks André

--
__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Reply via email to