perl-docs-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s...@apache.org
Subject svn commit: r189522 - in /perl/modperl/docs/trunk/src/docs/2.0/user/handlers: filters.pod http.pod http_cycle.gif protocols.pod
Date Wed, 08 Jun 2005 04:45:03 GMT
Author: stas
Date: Tue Jun  7 21:45:02 2005
New Revision: 189522

URL: http://svn.apache.org/viewcvs?rev=189522&view=rev
Log:
various fixes, based on input from my presentations

Modified:
    perl/modperl/docs/trunk/src/docs/2.0/user/handlers/filters.pod
    perl/modperl/docs/trunk/src/docs/2.0/user/handlers/http.pod
    perl/modperl/docs/trunk/src/docs/2.0/user/handlers/http_cycle.gif
    perl/modperl/docs/trunk/src/docs/2.0/user/handlers/protocols.pod

Modified: perl/modperl/docs/trunk/src/docs/2.0/user/handlers/filters.pod
URL: http://svn.apache.org/viewcvs/perl/modperl/docs/trunk/src/docs/2.0/user/handlers/filters.pod?rev=189522&r1=189521&r2=189522&view=diff
==============================================================================
--- perl/modperl/docs/trunk/src/docs/2.0/user/handlers/filters.pod (original)
+++ perl/modperl/docs/trunk/src/docs/2.0/user/handlers/filters.pod Tue Jun  7 21:45:02 2005
@@ -946,7 +946,7 @@
 
 
 
-=head2 Adding OutFilters Dynamically
+=head2 Adding OutputFilters Dynamically
 
 If you have the need to add output filters dymically during the
 request, mod_perl 2.0 offers you the possibility to push filter

Modified: perl/modperl/docs/trunk/src/docs/2.0/user/handlers/http.pod
URL: http://svn.apache.org/viewcvs/perl/modperl/docs/trunk/src/docs/2.0/user/handlers/http.pod?rev=189522&r1=189521&r2=189522&view=diff
==============================================================================
--- perl/modperl/docs/trunk/src/docs/2.0/user/handlers/http.pod (original)
+++ perl/modperl/docs/trunk/src/docs/2.0/user/handlers/http.pod Tue Jun  7 21:45:02 2005
@@ -86,7 +86,7 @@
 <img src="http_cycle.gif" width="600" height="560" 
  align="middle" alt="HTTP cycle"><br><br>
 
-From the diagram it can be seen that an HTTP request is processes by
+From the diagram it can be seen that an HTTP request is processed by
 12 phases, executed in the following order:
 
 =over
@@ -405,6 +405,15 @@
   }
   1;
 
+BTW, the HTTP TRACE method asks a web server to echo the contents of
+the request back to the client for debugging purposes. i.e., the
+complete request, including HTTP headers, is returned in the
+entity-body of a TRACE response. Attackers may abuse HTTP TRACE
+functionality to gain access to information in HTTP headers such as
+cookies and authentication data. In the presence of other cross-domain
+vulnerabilities in web browsers, sensitive header information could be
+read from any domains that support the HTTP TRACE method.
+
 Another way to prevent the core translation is to set
 C<$r-E<gt>filename()> to some value, which can also be done in the
 C<L<PerlTransHandler|/PerlTransHandler>>, if you are already using it.
@@ -507,6 +516,17 @@
       return Apache2::Const::OK;
   }
   
+  sub send_email {
+      my($rh_headers, $r_body) = @_;
+  
+      require MIME::Lite;
+      MIME::Lite->send("smtp", SMTP_HOSTNAME, Timeout => 60);
+  
+      my $msg = MIME::Lite->new(%$rh_headers, Data => $$r_body);
+      #warn $msg->as_string;
+      $msg->send;
+  }
+  
   use APR::Brigade ();
   use APR::Bucket ();
   
@@ -1683,7 +1703,7 @@
 it takes special action and removes the C-L header.  This is done to
 protect against handlers that called C<$r-E<gt>header_only> (L<which
 was ok in 1.3 but is not in 2.0|/Handling_HEAD_Requests>).  Therefore,
-C<GET> and C<HEAD> behave indentically, except when the content
+C<GET> and C<HEAD> behave identically, except when the content
 handler (and/or filters) end up sending no content.  For more details
 refer to the lengthy comments in C<ap_http_header_filter()> in
 F<httpd-2.0/modules/http/http_protocol.c>).

Modified: perl/modperl/docs/trunk/src/docs/2.0/user/handlers/http_cycle.gif
URL: http://svn.apache.org/viewcvs/perl/modperl/docs/trunk/src/docs/2.0/user/handlers/http_cycle.gif?rev=189522&r1=189521&r2=189522&view=diff
==============================================================================
Binary files - no diff available.

Modified: perl/modperl/docs/trunk/src/docs/2.0/user/handlers/protocols.pod
URL: http://svn.apache.org/viewcvs/perl/modperl/docs/trunk/src/docs/2.0/user/handlers/protocols.pod?rev=189522&r1=189521&r2=189522&view=diff
==============================================================================
--- perl/modperl/docs/trunk/src/docs/2.0/user/handlers/protocols.pod (original)
+++ perl/modperl/docs/trunk/src/docs/2.0/user/handlers/protocols.pod Tue Jun  7 21:45:02 2005
@@ -60,7 +60,7 @@
 connection that is being used.  mod_perl itself uses this phase to
 register the connection input and output filters.
 
-In mod_perl 1.0 during code development C<Apache2::Reload> was used to
+In mod_perl 1.0 during code development C<Apache::Reload> was used to
 automatically reload modified since the last request Perl modules. It
 was invoked during C<post_read_request>, the first HTTP request's
 phase. In mod_perl 2.0 I<pre_connection> is the earliest phase, so if
@@ -348,8 +348,9 @@
   use APR::Bucket ();
   use APR::Brigade ();
   use APR::Error ();
+  use APR::Status ();
   
-  use APR::Const     -compile => qw(SUCCESS EOF SO_NONBLOCK);
+  use APR::Const     -compile => qw(SUCCESS SO_NONBLOCK);
   use Apache2::Const -compile => qw(OK MODE_GETLINE);
   
   sub handler {
@@ -364,7 +365,7 @@
       while (1) {
           my $rc = $c->input_filters->get_brigade($bb_in,
                                                   Apache2::Const::MODE_GETLINE);
-          last if $rc == APR::Const::EOF;
+          last if APR::Status::is_EOF($rc);
           die APR::Error::strerror($rc) unless $rc == APR::Const::SUCCESS;
   
           while (!$bb_in->is_empty) {
@@ -454,10 +455,10 @@
 
 If you look at the complete handler, the loop is terminated when one
 of the following conditions occurs: an error happens, the end of
-stream status code (C<APR::Const::EOF>) has been received (no more
-input at the connection) or when the received data contains nothing
-but new line characters which we used to to tell the server to
-terminate the connection.
+stream status code (C<EOF>) has been received (no more input at the
+connection) or when the received data contains nothing but new line
+characters which we used to to tell the server to terminate the
+connection.
 
 Now that you've learned how to move buckets from one brigade to
 another, let's see how the presented handler can be reimplemented
@@ -473,7 +474,7 @@
       while (1) {
           my $rc = $c->input_filters->get_brigade($bb,
                                                   Apache2::Const::MODE_GETLINE);
-          last if $rc == APR::Const::EOF;
+          last if APR::Status::is_EOF($rc);
           die APR::Error::strerror($rc) unless $rc == APR::Const::SUCCESS;
   
           for (my $b = $bb->first; $b; $b = $bb->next($b)) {
@@ -537,7 +538,7 @@
       while (1) {
           my $rc = $c->input_filters->get_brigade($bb,
                                                   Apache2::Const::MODE_GETLINE);
-          last if $rc == APR::Const::EOF;
+          last if APR::Status::is_EOF($rc);
           die APR::Error::strerror($rc) unless $rc == APR::Const::SUCCESS;
   
           $c->output_filters->fflush($bb);
@@ -580,7 +581,7 @@
       while (1) {
           my $rc = $c->input_filters->get_brigade($bb,
                                                   Apache2::Const::MODE_GETLINE);
-          last if $rc == APR::Const::EOF;
+          last if APR::Status::is_EOF($rc);
           die APR::Error::strerror($rc) unless $rc == APR::Const::SUCCESS;
   
           next unless $bb->flatten(my $data);



---------------------------------------------------------------------
To unsubscribe, e-mail: docs-cvs-unsubscribe@perl.apache.org
For additional commands, e-mail: docs-cvs-help@perl.apache.org


Mime
View raw message