RE: Forking another process in Apache?

2002-01-22 Thread Chris Hutchinson
We've had a fair amount of success handing long processing jobs off to daemons (written with Net::Daemon, in most cases passing across args using Net::Telnet), using pages with reloading redirects to check the daemon status in a table. Avoids much work in httpd, and allows user to hang up web

Re: disable mod_perl for certain virtual hosts/folders

2002-01-22 Thread Geoffrey Young
[EMAIL PROTECTED] wrote: On my Apache mod_perl is generally enabled with the following statement: <Directory /data/apache> <Files ~ \.pl$> SetHandler perl-script PerlHandler Apache::Registry Options +ExecCGI </Files> </Directory> you might have better luck

Re: disable mod_perl for certain virtual hosts/folders

2002-01-22 Thread pilsl
On Tue, Jan 22, 2002 at 08:31:02AM -0500, Geoffrey Young wrote: [EMAIL PROTECTED] wrote: On my Apache mod_perl is generally enabled with the following statement: <Directory /data/apache> <Files ~ \.pl$> SetHandler perl-script PerlHandler Apache::Registry

Re: disable mod_perl for certain virtual hosts/folders

2002-01-22 Thread Geoffrey Young
<Directory /data/apache> AddHandler .pl perl-script PerlHandler Apache::Registry Options +ExecCGI </Directory> thnx, but: This part doesn't make the problem. mod_perl works like a charm. Problem is how to deactivate it for a certain location ? well, only .pl files will be

Re: disable mod_perl for certain virtual hosts/folders

2002-01-22 Thread pilsl
On Tue, Jan 22, 2002 at 08:53:39AM -0500, Geoffrey Young wrote: <Directory /data/apache> AddHandler .pl perl-script PerlHandler Apache::Registry Options +ExecCGI </Directory> thnx, but: This part doesn't make the problem. mod_perl works like a charm. Problem is how

Re: disable mod_perl for certain virtual hosts/folders

2002-01-22 Thread Thomas Klausner
Hi! On Tue, Jan 22, 2002 at 03:02:58PM +0100, [EMAIL PROTECTED] wrote: only pl-files are affected. Unfortunately I have some pl-files that must not run under mod_perl (even not under PerlRun cause they are really dirty) and I wonder if there is no way to set the original cgi-handler (that

mod_perl 1.26 and Mozilla/Netscape again ?

2002-01-22 Thread Toni Mueller
Hello, while working on a small CGI program that should run under mod_perl for performance reasons, I get this: [Tue Jan 22 16:48:31 2002] [info] [client 192.168.1.5] (2)No such file or directory: client stopped connection before rwrite completed [Tue Jan 22 16:48:31 2002] [debug]

Re: Solaris + Apache + mod_perl = TROUBLE

2002-01-22 Thread Philip M. Gollucci
Thanks for the trouble time though. -- Philip M. Gollucci (p6m7g8) [EMAIL PROTECTED] 301.314.3118 Science, Discovery, the Universe (UMCP) Webmaster Webship Teacher URL: http://www.sdu.umd.edu

Re: Solaris + Apache + mod_perl = TROUBLE

2002-01-22 Thread Philip M. Gollucci
Actually I tried that exact configure line one of the millions I tried it for perl, and it got to make, where I got millions of undefined PL_* errors. I can't control what patches they have or have not applied... Is there any way I can check myself ? I'm more of a BSD/FreeBSD expert.

Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Paul Lindner
Hi, I thought it might be interesting to start a thread on cross-site scripting attacks, since it seems that many people are not aware of the risks involved. Has anyone noticed attacks on their applications? Do you religiously check all input you get from form-submissions? What techniques do

Re: Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Perrin Harkins
What techniques do you use to insure that your application is not vulnerable? Usually I write application so that they do some processing, package up a chunk of data, and hand it to a template. With this structure, all you need to do is HTML-escape the data structure before handing it off, or

Re: Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Robin Berjon
On Tuesday 22 January 2002 18:48, Perrin Harkins wrote: What techniques do you use to insure that your application is not vulnerable? Usually I write application so that they do some processing, package up a chunk of data, and hand it to a template. With this structure, all you need to

Re: Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Thomas Eibner
On Tue, Jan 22, 2002 at 09:25:15AM -0800, Paul Lindner wrote: Hi, I thought it might be interesting to start a thread on cross-site scripting attacks, since it seems that many people are not aware of the risks involved. Has anyone noticed attacks on their applications? Do you religiously

Re: Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Tatsuhiko Miyagawa
On Tue, 22 Jan 2002 19:01:48 +0100 Thomas Eibner [EMAIL PROTECTED] wrote: my $fields = { id => ['\d+', \&validation_sub ], text => ['(?:\w\s)+'] }; And I feed this along with the request or cgi object to a function that checks each key for first the

Re: Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Tatsuhiko Miyagawa
On Tue, 22 Jan 2002 09:25:15 -0800 Paul Lindner [EMAIL PROTECTED] wrote: As part of the CPANification of the code in the mod_perl Developer's cookbook, I present Apache::TaintRequest, a module that helps prevent cross-site scripting attacks by automatically html-escaping 'tainted' text sent

Re: Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Perrin Harkins
Yes and no. XSS attacks are possible on old browsers, when the charset is not set (something which is often the case with modperl apps) and when the HTML-escaping bit does not match what certain browsers accept as markup. Of course I set the charset, but I didn't know that might not be

Re: Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Robin Berjon
On Tuesday 22 January 2002 19:04, Perrin Harkins wrote: Of course I set the charset, but I didn't know that might not be enough. Does anyone know if Apache::Util::escape_html() and HTML::Entities::encode() are safe? A quick look (I could be wrong) at HTML::Entities seems to imply that it

Re: Cross-site Scripting prevention with Apache::TaintRequest

2002-01-22 Thread Paul Lindner
On Tue, Jan 22, 2002 at 07:11:28PM +0100, Robin Berjon wrote: On Tuesday 22 January 2002 19:04, Perrin Harkins wrote: Of course I set the charset, but I didn't know that might not be enough. Does anyone know if Apache::Util::escape_html() and HTML::Entities::encode() are safe? A quick

RE: Solaris + Apache + mod_perl = TROUBLE

2002-01-22 Thread stevea
Try showrev -p for a list of installed patches. -Original Message- From: Philip M. Gollucci [mailto:[EMAIL PROTECTED]] Subject: Re: Solaris + Apache + mod_perl = TROUBLE I can't control what patches they have or have not applied... Is there any way I can check myself ? I'm more of a

RE: Forking another process in Apache?

2002-01-22 Thread Rob Nagler
Chris Hutchinson writes: Avoids much work in httpd, and allows user to hang up web connection and return later to continue viewing status. We used to do this, but found it more complex (more protocols and server types) than simply letting Apache/mod_perl handle the job. I guess this depends

RE: Solaris + Apache + mod_perl = TROUBLE

2002-01-22 Thread stevea
I apologize, I'm afraid I was lost in my brevity :). showrev -p will return a list of installed Solaris system patches. Try showrev -p for a list of installed patches. -Original Message- From: Philip M. Gollucci [mailto:[EMAIL PROTECTED]] Subject: Re: Solaris + Apache + mod_perl =