On Sun, Feb 03, 2002 at 12:37:58PM -0500, Joshua Slive wrote:
From: Zvi Har'El [mailto:[EMAIL PROTECTED]]
triple rather then
double strncmp:
-if (!strncmp(*ep, HTTP_, 5)) {
+if (!strncmp(*ep, HTTP_, 5) || !strncmp(*ep, HTTPS, 5) ||
(no, not like that. not strncmp,
Hi,
I agree with Joshua completely that the conditioning on mod_ssl is not
necessary. However, comparing with the apache 1.3 version of suexec.c, and the
fact that in 2.0 ssl_engine_kernel.c (line 1035) still sets the SSI/CGI
environment variable HTTPS=on , I would recommand to have a triple
According to Joshua Slive:
I'm not sure why Ralf did it that way. It seems that HTTPS should simply
be added to the safe list near the top of the file. The revised patch is
below.
+1
ciao...
--
Lars Eilebrecht- Cyberspace: ...the most potent technology
[EMAIL PROTECTED]
I think this is the right thing, but I won't commit it myself without a
couple +1s, because I don't trust myself mucking with suexec. Someone
suggested making this conditional on mod_ssl being included in the build,
but I don't see the point. There doesn't seem to be any danger in allowing
SSL_