Fwd: Broken Link
FYI ... Begin forwarded message: From: Michael French m...@mpfrench.com Subject: Broken Link Date: 21 September 2012 02:59:08 BST To: webmas...@apache.org, postmas...@apache.org Please tell the person that maintains httpd.apache.org that the link to the Win32 version of apache 2.2.23 [httpd-2.2.23-win32-x86-openssl-0.9.8t.msi] is broken. Thanks, Mike __ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com __ Cheers, Tony -- Tony Stevenson t...@pc-tony.com t...@caret.cam.ac.uk pct...@apache.org http://www.pc-tony.com GPG - 1024D/51047D66 --
Re: how to avoid balancer manager nonce?
On 5 Sep 2012, at 11:57, Jim Jagielski j...@jagunet.com wrote: FWIW, I have time this week to impl this... Feedback/Concerns? Only the term 'nonce' - It has very unfortunate connotations from UK english. [1] :-) [1] - http://en.wikipedia.org/wiki/Nonce_(slang) Cheers, Tony -- Tony Stevenson t...@pc-tony.com t...@caret.cam.ac.uk pct...@apache.org http://www.pc-tony.com GPG - 1024D/51047D66 --
Re: Comment system, take two
Daniel Gruno wrote on Wed, May 23, 2012 at 04:47:10AM +0200: On 05/22/2012 11:25 PM, Rainer Jung wrote: I like it. +1 Concerning production readyness, some points come to mind: - Did you pay attention on escaping problematic input? I saw some escaping, but didn't thoroughly test it. We don't want XSS and such. Yes, because the text is inserted using Document.CreateTextNode, all that is injected is pure text - HTML tags and the likes should not be possible to inject in any way other than as pure text. Special tags like , , \ etc are escaped in advance, but this is just so it will display the characters and not make them invisible. No HTML should be injectable. - Is there some safety against brute force password hacking for the registered people, especially the moderators? E.g. locking accounts after a few wrong passwords. Yup, more than 5 bad attempts will start making it difficult for you to try logging in. - Since we want to host it later inside ASF infra: what are the infra requirements? It seems the server part is written in Lua? Is it based on httpd 2.4 with mod_lua, or just Lua in CGI scripts or similar? Gee, what gave it away? ;) Right now it's written in Lua yes (should anyone be interested in the source code, I'd be happy to provide a link to it), and run on 2.4.2 with mod_pLua (a distant cousin to mod_lua that offers me a bit more flexibility as well as access to POST data*hint hint*). One of the nice things about writing it in Lua is that it is quite easy to port it to other languages such as php or perl, should this be needed. The scripts themselves are quite small, since most of the work is done via JavaScript. I have already asked Tony if we could host this on httpd.a.o, and the answer was a kind no since it would require enabling php or mod_plua for the site, which would either (in the case of plua) be something new and untested or (in the case of php) bloat up the server. So, while we get all that sorted out, I'm more than happy to host it myself. I said running php on the main webservers would very likely with a no, I didnt say it would do that. If the service doesnt have to run on the same vhost as the main httpd.a.o site then we could run the service elsewhere in our infrastructure. Having said that, it would indeed be nice if we could find somewhere on infra where this could be hosted, so we could also share the tool with other sites wishing to incorporate comments in their system. Thanks! Rainer - To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org For additional commands, e-mail: docs-h...@httpd.apache.org With regards, Daniel. -- Cheers, Tony --- Tony Stevenson t...@pc-tony.com // pct...@apache.org // t...@caret.cam.ac.uk GPG: 1024D/51047D66 http://blog.pc-tony.com --- signature.asc Description: Digital signature
Re: [VOTE] CMS site migration
Joe Schaefer wrote on Tue, May 08, 2012 at 12:14:05PM -0700: Please cast your vote accordingly: [ x ] : +1 to migrate httpd-site to the CMS -- Cheers, Tony --- Tony Stevenson t...@pc-tony.com // pct...@apache.org // t...@caret.cam.ac.uk GPG: 1024D/51047D66 http://blog.pc-tony.com --- signature.asc Description: Digital signature
HTTPD upgraded on eos - 2.3.8
As the subject says, httpd is now on 2.3.8 for www.apache.org apr is at trunk mod_wsgi was upgraded to 3.3 (http://modwsgi.googlecode.com/files/mod_wsgi-3.3.tar.gz) Had to comment out an output filter line in the main httpd.conf (line 117) Other than that HTTPD started up just fine. http://www.apache.org/server-status -- Cheers, Tony Tony Stevenson t...@pc-tony.com - pct...@apache.org pct...@freenode.net - t...@caret.cam.ac.uk http://blog.pc-tony.com 1024D/51047D66
Re: HTTPD upgraded on eos - 2.3.8
On Wed, Aug 25, 2010 at 01:04:01AM +0100, Tony Stevenson wrote: Had to comment out an output filter line in the main httpd.conf (line 117) More specifically had to disable deflate - AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xml+rss text/css application/x-javascript The deflate module is loaded, and seemingly not causing any outwardly obvious issues Thoughts? -- Cheers, Tony Tony Stevenson t...@pc-tony.com - pct...@apache.org pct...@freenode.net - t...@caret.cam.ac.uk http://blog.pc-tony.com 1024D/51047D66
Re: horray - snapshots are back again, but ....
I'm sorry, I dont understand what you want us to do. viewcv is working, I just used it now. As for the rest of your mail, you may need to explain it better. Tony On 3 Nov 2009, at 14:38, Guenter Knauf wrote: ... viewvc is gone now :( hope we can restore that soon also I would like to remind that some snapshot branches need changed, or otherwise they are still useless: http://svn.apache.org/snapshots/?F=0 -- apr-1.0.x -- apr-iconv-1.0.x -- apr-util-1.0.x -- apr-util ++ apr-iconv-1.2.x ++ apr-1.3.x ++ apr-util-1.3.x ++ apr-1.4.x ++ apr-util-1.4.x ++ httpd-2.2.x ++ mod_jk ++ mod_ftp ++ mod_cgid not sure about the docs, but probably also: ++ httpd-docs-2.2 Gün. Cheers, Tony Tony Stevenson t...@pc-tony.com - pct...@apache.org pct...@freenode.net - t...@caret.cam.ac.uk http://blog.pc-tony.com 1024D/51047D66
Re: [Fwd: SvnPubSub websites -- need more volunteers]
On 2 Oct 2009, at 20:05, William A. Rowe, Jr. wrote: Graham Leggett wrote: Paul Querna wrote: Unless there are any objections, i intend to convert httpd.apache.org later tonight. Yes please! httpd v2.2.14 has been languishing on p.a.o for ages, and refuses to sync to w.a.o. I cannot announce httpd v2.2.14 until this is fixed. and you can't sync to the current website until this sync occurs, but we must wait 24 hours for mirrors to catch up. people.apache.org:/www/www.apache.org/dist/httpd/ is definitely out there, so I don't know what's going on; although the file permissions are wrong, it looks like you didn't set your umask correct. Files should be 664 not 644 to open them to the httpd group, please? But that should not stop a sync, and I don't know why infrastructure hasn't responded to your multiple appeals this week :( Because we have been busy, perhaps? Anyway, it is on my todo list for tonight to fix sync Cheers, Tony Tony Stevenson t...@pc-tony.com - pct...@apache.org pct...@freenode.net - t...@caret.cam.ac.uk http://blog.pc-tony.com 1024D/51047D66
Re: Context lines in subversion update messages
On 3 Aug 2009, at 13:26, Dan Poirier wrote: I've noticed that when folks vote and the STATUS file update messages go to the commits list, there's typically not enough context in the email to tell what was voted on. Would it make sense to increase the lines of context in these messages? Dan, Not really no as this is a global change for all projects, as all the public data is in one repository. Cheers, Tony Tony Stevenson t...@pc-tony.com - pct...@apache.org pct...@freenode.net - t...@caret.cam.ac.uk http://blog.pc-tony.com 1024D/51047D66 ECAF DC55 C608 5E82 0B5E 3359 C9C7 924E 5104 7D66
[Travel Assistance] Applications for ApacheCon EU 2009 - Now Open
The Travel Assistance Committee is now accepting applications for those wanting to attend ApacheCon EU 2009 between the 23rd and 27th March 2009 in Amsterdam. The Travel Assistance Committee is looking for people who would like to be able to attend ApacheCon EU 2009 who need some financial support in order to get there. There are very few places available and the criteria is high, that aside applications are open to all open source developers who feel that their attendance would benefit themselves, their project(s), the ASF or open source in general. Financial assistance is available for travel, accommodation and entrance fees either in full or in part, depending on circumstances. It is intended that all our ApacheCon events are covered, so it may be prudent for those in the United States or Asia to wait until an event closer to them comes up - you are all welcome to apply for ApacheCon EU of course, but there must be compelling reasons for you to attend an event further away that your home location for your application to be considered above those closer to the event location. More information can be found on the main Apache website at http://www.apache.org/travel/index.html - where you will also find a link to the online application form. Time is very tight for this event, so applications are open now and will end on the 4th February 2009 - to give enough time for travel arrangements to be made. Good luck to all those that apply. Regards, The Travel Assistance Committee smime.p7s Description: S/MIME cryptographic signature
Re: changing mod_wombat's name
Paul Querna wrote: Brian McCallister wrote: +1 to renaming, but I'm not sure we can or should call it mod_lua. Any other ideas? mod_pony:-) Cheers, Tony
Re: [ANNOUNCEMENT] Apache HTTP Server 2.2.10 Released
Paul Querna wrote: Jim, It might be too late to do anything, but it doesn't seem that this announcement email went to [EMAIL PROTECTED] or to [EMAIL PROTECTED] I didn't see the moderation message for [EMAIL PROTECTED]
Re: Broken trunk build
Nick Kew wrote: Plüm, Rüdiger, VF-Group wrote: [SNIP] ... This m4 is nasty! +1 on that
Re: [VOTE] Release Apache HTTP server 2.2.10
On Fri, October 10, 2008 3:36 pm, Jim Jagielski wrote: Based on the positive feedback on the test tarballs, I'd like to start a vote on releasing 2.2.10. I'm looking to release on Tuesday, since I'll be traveling Monday, so I'll close the vote on Tues AM. After all my positive testing, thus far, I'm in the +1 camp. Cheers, Tony
Re: 2.2.10 test tarballs available
Builds cleanly on Suse 11.0, x86_64. Also on Debian Etch, CentOS 5.2 - again both x86_64 +1 Cheers, Tony -- - Tony Stevenson [EMAIL PROTECTED] // [EMAIL PROTECTED] http://www.pc-tony.com/ 1024D/51047D66 ECAF DC55 C608 5E82 0B5E 3359 C9C7 924E 5104 7D66 -
Re: svn.apache.org down?
Adam Woodworth wrote: I very regularly have problems accessing svn.apache.org. For example, right now a traceroute gets to corv-car1-gw.nero.net and then can't get any further. I can't access svn.apache.org at all right now. Which means I can't do some work right now. :) Does anyone know of any problems with svn.apache.org or its ISP? There is no known issue with svn.apache.org at the moment Adam. However there have been a couple of difficulties with the network interface these past few days. If you are in the EU, you can try accessing svn.eu.apache.org Can you be more specific as to what exactly is not working? Error messages would be useful. We are trying to stabilise svn.apache.org as fast as we can, but this can be trecherous when it is live, and in production. The EU svn mirror should be fully online shortly, however with the issues with svn.apache.org, yo may see a slight delay in the changes being sync'd to the master. Adam, fwiw, emailing [EMAIL PROTECTED] may yield better replies. Even though most of us in infra read [EMAIL PROTECTED] --Tony
Re: svn.apache.org down?
Jim Jagielski wrote: On May 19, 2008, at 11:43 AM, Tony Stevenson wrote: Adam Woodworth wrote: I very regularly have problems accessing svn.apache.org. For example, right now a traceroute gets to corv-car1-gw.nero.net and then can't get any further. I can't access svn.apache.org at all right now. Which means I can't do some work right now. :) Does anyone know of any problems with svn.apache.org or its ISP? There is no known issue with svn.apache.org at the moment Adam. However there have been a couple of difficulties with the network interface these past few days. FWIW, I have also had times this am when SVN access is unavailable... v. sporadic. Looks like I spoke too soon :-) There is now an issue with svn.apache.org. Joe is looking into this now. --Tony
Re: PATCH -- make the cache modules part of 'all'.
Nick Kew wrote: That begs the question, what do we mean by all? It currently excludes proxy and dav, as well as the modules you mention. That's IMHO rather more confusing than it should be. However, we really do need to default to dynamic building if we're to include more modules in instant-brew-default configurations. As it stands, a default (static) all build gives you something quite insane. We have tried to capture this confusion, on the wiki we have a page we often redirect people too. This often helps them build all modules, when that is what they actually want to do. http://wiki.apache.org/httpd/ConfigAllMods Cheers, Tony
Re: Apache service problem. make_sock: could not bind to address.
Ashwani, Your email needs to be redirected to [EMAIL PROTECTED] This list (dev@) is for the people interested in the development of the HTTP Server. Alternatively look here, and use the IRC option. http://httpd.apache.org/docs/2.2/faq/ Tony On Thu, January 17, 2008 9:44 am, Ashwani Kumar Sharma wrote: Hi All, While trying to run apache service on windows I faced this strange problem. I have installed IPv6 on this machine. If I make apache run on some port no which is not free. I don't see any logfile being created in the apache/log directory. While I try to run the httpd.exe from the command prompt with same port no. I see following error message on the console. (OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted. : make_sock: could not bind to address [::]:9356 no listening sockets available, shutting down Unable to open logs Does somebody know what is the problem. Thanks and Regards, Ashwani Sharma Mob: +91+9916454843 Off: +91-80-26265053 -Original Message- From: Rodent of Unusual Size [mailto:[EMAIL PROTECTED] Sent: Thursday, January 17, 2008 10:17 AM To: Apache HTTP server developers Subject: [STATUS] (httpd-2.0) Wed Jan 16 23:46:53 2008 APACHE 2.0 STATUS: -*-text-*- Last modified at [$Date: 2008-01-10 11:27:21 -0500 (Thu, 10 Jan 2008) $] The current version of this file can be found at: * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS Documentation status is maintained seperately and can be found at: * docs/STATUS in this source tree, or * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/docs/STATUS Consult the following STATUS files for information on related projects: * http://svn.apache.org/repos/asf/apr/apr/branches/0.9.x/STATUS * http://svn.apache.org/repos/asf/apr/apr-util/branches/0.9.x/STATUS Consult the trunk/ for all new development and documentation efforts: * http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS Release history: 2.0.63 : Tagged January 10, 2008. 2.0.62 : Tagged January 4, 2008. Not released. 2.0.61 : Released September 7, 2007. 2.0.60 : Tagged August 10, 2007, not released. 2.0.59 : released July 28, 2006 as GA. 2.0.58 : released May 1, 2006 as GA. 2.0.57 : tagged April 19, 2006, not released. 2.0.56 : tagged April 16, 2006, not released. 2.0.55 : released October 16, 2005 as GA. 2.0.54 : released April 17, 2005 as GA. 2.0.53 : released February 7, 2005 as GA. 2.0.52 : released September 28, 2004 as GA. 2.0.51 : released September 15, 2004 as GA. 2.0.50 : released June 30, 2004 as GA. 2.0.49 : released March 19, 2004 as GA. 2.0.48 : released October 29, 2003 as GA. 2.0.47 : released July 09, 2003 as GA. 2.0.46 : released May 28, 2003 as GA. 2.0.45 : released April 1, 2003 as GA. 2.0.44 : released January 20, 2003 as GA. 2.0.43 : released October 3, 2002 as GA. 2.0.42 : released September 24, 2002 as GA. 2.0.41 : rolled September 16, 2002. not released. 2.0.40 : released August 9, 2002 as GA. 2.0.39 : released June 17, 2002 as GA. 2.0.38 : rolled June 16, 2002. not released. 2.0.37 : rolled June 11, 2002. not released. 2.0.36 : released May 6, 2002 as GA. 2.0.35 : released April 5, 2002 as GA. 2.0.34 : tagged March 26, 2002. 2.0.33 : tagged March 6, 2002. not released. 2.0.32 : released Feburary 16, 2002 as beta. 2.0.31 : rolled Feburary 1, 2002. not released. 2.0.30 : tagged January 8, 2002. not rolled. 2.0.29 : tagged November 27, 2001. not rolled. 2.0.28 : released November 13, 2001 as beta. 2.0.27 : rolled November 6, 2001 2.0.26 : tagged October 16, 2001. not rolled. 2.0.25 : rolled August 29, 2001 2.0.24 : rolled August 18, 2001 2.0.23 : rolled August 9, 2001 2.0.22 : rolled July 29, 2001 2.0.21 : rolled July 20, 2001 2.0.20 : rolled July 8, 2001 2.0.19 : rolled June 27, 2001 2.0.18 : rolled May 18, 2001 2.0.17 : rolled April 17, 2001 2.0.16 : rolled April 4, 2001 2.0.15 : rolled March 21, 2001 2.0.14 : rolled March 7, 2001 2.0a9 : released December 12, 2000 2.0a8 : released November 20, 2000 2.0a7 : released October 8, 2000 2.0a6 : released August 18, 2000 2.0a5 : released August 4, 2000 2.0a4 : released June 7, 2000 2.0a3 : released April 28, 2000 2.0a2 : released March 31, 2000 2.0a1 : released March 10, 2000 Contributors looking for a mission: * Just do an egrep on TODO or XXX in the source. * Review the bug database at: http://issues.apache.org/bugzilla/ * Review the PatchAvailable bugs in the bug database: http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEWbug_status=A SSIG NEDbug_status=REOPENEDproduct=Apache+httpd-2.0keywords=PatchAvailable After testing, you can append a comment saying Reviewed and tested. * Open bugs in the bug database. CURRENT RELEASE
Re: 1.3 bugs
Impressive feat, takes a brave man to take on that many bugs! Jim Jagielski wrote: I went through and cleared out maybe 200 or so bugzilla bugs for 1.3... Will start on the 2.x ones tomorrow and try to clear out most of the crud there... We have some real old ones :)
Re: [Issue] External links @ the wiki, aka pagechange wars
Paul Querna wrote: William A. Rowe, Jr. wrote: We have a serious issue to determine, and I've asked for a 48 hour cooldown of wiki.apache.org/httpd/ to make a decision, and in the meantime asked that the wiki become read-only for the conclusion of this decision. [XXX] Our httpd wiki is open to external resources for httpd. [ ] External httpd resources are prohibited. I mean this explicitly, obviously a link to MS/Sun/RedHat about their specific platform would be genuinely useful and relevant. I believe that Wikis must be able to link to external sites -- just like we do in the regular documentation. However, just like the the regular documentation, these links are generally restricted to Vendors, or other long standing and stable sites. (or... example.com) He has quoted the Apache wiki etiqutte guide, in his home page on the wiki. Wiki Eitquette -- http://wiki.apache.org/httpd/WikiCourse/BasicIntroduction/200_Wikiquette?action=printmedia=projection His wiki Home Page -- http://wiki.apache.org/httpd/AskApache In which he infers he is allowed to use external links to materials of his own choice. However the wiki-etiquette seems to be a standard set of pages shipped with MoinMoin, maybe they need reviewing for ASF application and either removing, or modifying accordingly. I believe we can look to wikipedia's linking policy as a good example of how to build a 'policy' that people can understand: http://en.wikipedia.org/wiki/Wikipedia:External_links In this case: AdSense covered personal blogs especially from people who do not contribute in other mediums doesn't seem like a good place to be linking to. On the revision war: I don't like it; I do believe AskApache's link should be removed. I don't blame megaspaz, he was using the tools available, trying to communicate with AskApache that the link was unacceptable. The larger problem is that the AskApache person has never, AFAIK, made themselves known on the mailing list, or other mediums, making it impossible to communicate with them in other manners. AskApache has had several email conversations with both myself, and Rich. In which he was asked politely, but firmly to not use links to content on his site. Material such as his htaccess guide were at best misleading, as well the possibility of plagiarism. Sadly they do get very agressive when their material is modified or removed from the wiki, he has thus far refused to openly communicate with us, claiming ... we singled him out for abuse ... Megaspaz is a commited helper in #apache and I firmly believe he was doing his best to keep the wiki clean, and accurate. We have been lucky so far in that we have only had two spam posts, much less than was originally anticiapted. I find it very unfortunate that it has come to this, considering Rich and I struggled for quite some time to have the wiki created. When we first started using the wiki, the intention was for it to be a staging post for non docs comitters to submit works that can be then moved into the official docs project. It has now grown beyond my best expectations with lots of good content. As mentioned in a previous email to the docs list, this has now become the de facto FAQ, and is growing day on day. In fact we were highly praised by 3 or 4 individuals in #apache for the content, as it was accurate and helped them solve their issues with little fuss and with ease. This is testament to those of us who strive to make it so, and of the content in there. I have copies of these email conversations, and I am willing to forward them on to the appropriate people, rather than these lists as a whole. This gentleman has been a source of concern for sometime with some regulars in #apache. Reviewing some of his material leads us to conclude that he may have some very valuable input to the docs project, but the way in which he has handled the situation has been less than enthusiastic. Unfortunately there is no simple way, or for that matter a policy, of preventing him from accessing the wiki. He has already used 3 different user accounts to circumvent measures put in place. We could of course block his IP and delete hsi user account, but as we all know these are very easily circumvented anyway. On a policy: My opinion doesn't fit into a hard and fast rule, and rather relies upon discretion. -Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -Tony
Re: [Issue] External links @ the wiki, aka pagechange wars
Joshua Slive wrote: On 5/24/07, Rich Bowen [EMAIL PROTECTED] wrote: On May 24, 2007, at 04:23, Tony Stevenson wrote: AskApache has had several email conversations with both myself, and Rich. In which he was asked politely, but firmly to not use links to content on his site. NOTE: NOT because external links are bad, but because the articles to which he was linking were misleading, incorrect, and promoted sub- optimal solutions to common problems. The implied endorsement (The Apache docs link to this article, so it must be true) was unfortunate, and undesirable. Although I respect Bill's desire to have this solved apache-wide, I actually think that this case would have been better addressed in the closer confines of [EMAIL PROTECTED] Let's just address this particular case and not worry about the general issue for now. The Apache wiki is not some democratic exercise like wikipedia where we need to treat everyone equally. We are a meritocracy, not a democracy, even on the wiki. Certain people (like Rich) have earned the right to make final decisions about what should be on the wiki. AskApache has not earned that right. The content that he is adding is inappropriate (and violates my suggested policy) for many reasons. I suggest that someone email him and tell him that he is henceforth banned from: 1) Making any links to his personal site; and 2) Reverting any change made by someone else (even if that change is a reversion of his change). If he can't live with those rules, he can be banned for good. +1 Would it be possible to re-enable write access for known 'good guys' so we can continue the process maintaining the wiki? If you would like me to send this email (as someone who has not interacted with him before) I'd be fine with that (although I don't know his address). Josh, I am happy to send this mail too, as I already have a history with him. I am not sure he will react overly well with someone else 'wading in' to this. Joshua. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -Tony
