Hi,
mod_include is still missing support for ap_expr. Trying to add that
support raises some questions:
The mod_include expression parser tries hard to limit what can be done.
For example, the subrequest operator -A can be switched of with a config
option. If mod_include was switched to
On Thu, May 12, 2011 at 9:24 AM, Justin Erenkrantz
jus...@erenkrantz.com wrote:
This patch should fix the memory leak. As I mentioned in a follow-up,
we can discuss in Dublin or Berlin if there is a better way to solve
this dangling filter reference...but, this will do the trick and
should be
On 15 May 2011, at 12:51 PM, Stefan Fritsch wrote:
The mod_include expression parser tries hard to limit what can be
done. For example, the subrequest operator -A can be switched of
with a config option.
If it makes your life easier to remove this config option please do -
it was only
On 15 May 2011, at 1:22 PM, Stefan Fritsch wrote:
So you implemented it more as a safeguard against confusion with -
A strings in existing expressions than as a security measure?
Yes.
Do you think that untrusted shmtl files are not a common use case?
In that case I would tend to the people
On Sun, 15 May 2011, Graham Leggett wrote:
Do you think that untrusted shmtl files are not a common use case? In that
case I would tend to the people can always switch back to the old
restricted expression syntax solution.
I don't follow what you mean by untrusted shtml files?
shtml files
On 15 May 2011, at 3:18 PM, Stefan Fritsch wrote:
Maybe the -A option was a bad example, then, because it allows only
access to resources that can be viewed directly, too. But ap_expr
would allow things like
!--#if expr=file('/etc/passwd') =~ /.../
This only allows to leak one bit of the
On 5/15/2011 1:46 AM, Graham Leggett wrote:
On 15 May 2011, at 1:46 AM, William A. Rowe Jr. wrote:
No argument, but there are 1) minor quibbles with the apr-2 interface, and
2) some significant work to replace the original with the new interface, and
not sure who has cycles to attack this in
Am 12.05.2011 18:35, schrieb William A. Rowe Jr.:
On 5/12/2011 9:03 AM, fua...@apache.org wrote:
Author: fuankg
Date: Thu May 12 14:03:27 2011
New Revision: 297
Log:
Added 2.2.18 release; removed 2.2.17 release.
Guenter, what are your thoughts on including this file in the downloads.xml
Hi,
I'd like to add:
http://people.apache.org/~fuankg/chkdigest/
as a cross-platform tool for verifying checksums to the last section on
download.xml - any thoughts?
Gün.
On Sun, May 15, 2011 at 4:26 PM, Guenter Knauf fua...@apache.org wrote:
Hi,
I'd like to add:
http://people.apache.org/~fuankg/chkdigest/
as a cross-platform tool for verifying checksums to the last section on
download.xml - any thoughts?
I wonder what checks the digest of chkdigest.pl? (or
On Wed, May 11, 2011 at 8:33 AM, Jim Jagielski j...@jagunet.com wrote:
The candidate tarballs for 2.3.12 are now available at:
http://httpd.apache.org/dev/dist/
I'm opening up a vote to release these as 2.3.12-beta, with
a hope to push on for a quick GA after maybe another beta
On 15 May 2011, at 10:26 PM, Guenter Knauf wrote:
I'd like to add:
http://people.apache.org/~fuankg/chkdigest/
as a cross-platform tool for verifying checksums to the last section
on download.xml - any thoughts?
The simplest way to check the checksum is to, using the operating
system of
On 5/15/2011 9:18 PM, Guenter Knauf wrote:
any reason why you do no longer list the 2.0.x win32 binaries there?
I don't recall removing these, perhaps they were not ready until shortly
after 2.0.64 shipped. If you would like to fix and add Netware, be my
guest, and otherwise I'll look at this
Complete buildlog:
http://svwe20.itex.at/autobuilds/asf/httpd/201105152210-netware-httpd.txt.gz
=
Exporting httpd-trunk ...
Path: trunk
URL: http://svn.apache.org/repos/asf/httpd/httpd/trunk
Repository Root:
Am 16.05.2011 00:13, schrieb William A. Rowe Jr.:
On 5/15/2011 9:18 PM, Guenter Knauf wrote:
any reason why you do no longer list the 2.0.x win32 binaries there?
I don't recall removing these, perhaps they were not ready until shortly
after 2.0.64 shipped. If you would like to fix and add
I found this in my Spambox
Met vriendelijke groet,
Gilbert van Houten
Wijn.org
Woerden
i...@wijn.org
T 0348-483838
0622-488964
http://shop.wijn.org
inline: logo_vanhouten.gif
On 16-mei-2011, at 0:13, fua...@apache.org wrote:
Complete buildlog:
Hi all,
It's above my head to dig into mod_cache in order to find out what was
intended but lastmod is apr_time_t, so NULL is invalid; possibly a typo
and lastmods was meant?
Norm
On 16/05/2011 8:13 AM, fua...@apache.org wrote:
Complete buildlog:
On 5/15/2011 11:50 PM, Guenter Knauf wrote:
Am 16.05.2011 00:13, schrieb William A. Rowe Jr.:
On 5/15/2011 9:18 PM, Guenter Knauf wrote:
any reason why you do no longer list the 2.0.x win32 binaries there?
I don't recall removing these, perhaps they were not ready until shortly
after 2.0.64
Complete buildlog:
http://svwe20.itex.at/autobuilds/asf/httpd/201105160410-netware-httpd.txt.gz
=
Exporting httpd-trunk ...
Path: trunk
URL: http://svn.apache.org/repos/asf/httpd/httpd/trunk
Repository Root:
19 matches
Mail list logo