Mailing List Archive: ModPerl: ModPerl

[ANNOUNCE] Apache::AuthCookie 3.05

Index | Next | Previous | View Threaded

mschout at gkg

Jan 27, 2004, 11:22 AM

Post #1 of 5 (765 views)
Permalink

[ANNOUNCE] Apache::AuthCookie 3.05

The file

Apache-AuthCookie-3.05.tar.gz

has entered CPAN as

file: $CPAN/authors/id/M/MS/MSCHOUT/Apache-AuthCookie-3.05.tar.gz
size: 31025 bytes
md5: 4288575a1eedb52b2fb774324cd63ec8

Changes:
Version: 3.05
- Fix POD documentation bug (thanks Steve van der Burg)
- login(): set Location header with err_headers_out rather than headers_out
(Casey West)
- put cookie removal code in remove_cookie() method, put cache handling
code in handle_cache() (Mark A. Hershberger)
- reorganized tree to support multiple mod_perl versions.
- rewrote tests to use Apache::Test framework from CPAN.
- fix POD errors in authorize() documentation.
- initial support for mod_perl version 2
- mp2: check for Apache::RequestRec arg so that unported subclasses
throw exceptions.

mod_perl v2 subclass authors: the API has changed slightly for the
mod_perl v2 version. See README.modperl2 for details.

Regards,
Michael Schout
GKG.NET, Inc.

--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

stas at stason

Jan 27, 2004, 5:32 PM

Post #2 of 5 (709 views)
Permalink

Re: [ANNOUNCE] Apache::AuthCookie 3.05 [In reply to]

Michael Schout wrote:
> The file
>
> Apache-AuthCookie-3.05.tar.gz
[...]
> - rewrote tests to use Apache::Test framework from CPAN.
> - fix POD errors in authorize() documentation.
> - initial support for mod_perl version 2
> - mp2: check for Apache::RequestRec arg so that unported subclasses
> throw exceptions.
>
> mod_perl v2 subclass authors: the API has changed slightly for the
> mod_perl v2 version. See README.modperl2 for details.

So should it be added to:
http://perl.apache.org/products/apache-modules.html#Ported_3rd_party_Modules

__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas [at] stason http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com

--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

mschout at gkg

Jan 27, 2004, 9:10 PM

Post #3 of 5 (735 views)
Permalink

Re: [ANNOUNCE] Apache::AuthCookie 3.05 [In reply to]

On Tue, 27 Jan 2004, Stas Bekman wrote:

> So should it be added to:
> http://perl.apache.org/products/apache-modules.html#Ported_3rd_party_Modules

Yes Stas. Please add it to the list.

Thanks!

Regards,
Michael Schout
GKG.NET, Inc.
--
Hal 9000 - "Put down those Windows disks Dave.... Dave? DAVE!!"

--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

geoff at modperlcookbook

Jan 28, 2004, 6:29 AM

Post #4 of 5 (780 views)
Permalink

Re: [ANNOUNCE] Apache::AuthCookie 3.05 [In reply to]

> - login(): set Location header with err_headers_out rather than headers_out
> (Casey West)

I find this curious. both apache 1.3 and 2.0 have the following logic (in
http_protocol.c):

const char *location = apr_table_get(r->headers_out, "Location");
...
/*
* It's possible that the Location field might be in r->err_headers_out
* instead of r->headers_out; use the latter if possible, else the
* former.
*/
if (location == NULL) {
location = ap_table_get(r->err_headers_out, "Location");
}

so, the Location header really needs to special treatment to be included in
redirect responses, which is typically why you put things in err_headers_out.

is there a specific bug that was fixed with this change? I'm curious to
know what it is :)

--Geoff

--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

mschout at gkg

Jan 28, 2004, 10:34 AM

Post #5 of 5 (724 views)
Permalink

Re: [ANNOUNCE] Apache::AuthCookie 3.05 [In reply to]

On Wed, 28 Jan 2004, Geoffrey Young wrote:

> so, the Location header really needs to special treatment to be included in
> redirect responses, which is typically why you put things in err_headers_out.

Well, the report I got on it was that setting it in headers_out rather
than err_headers_out causes "Client-Warning: Redirection loop detected"
headers to be generated. I never was able to reproduce that and figured
it must just be a configuration issue.

The main reason I changed it was because I *thought* that
err_headers_out was more appropritate because login returns REDIRECT.
However, looking at http_protocol.c, I'm not so sure. At least looking
at the apache 1.3 sources, ap_send_error_response() in http_protocol.c
prefers to have Location in headers_out rather than err_headers_out (as
you have already pointed out :)). So from that standpoint, its probably
better to have the Location in headers_out. Given that, I think its
best to change it back for the next release.

So to answer your question, there was not really a specific bug involved
here. I just assumed that err_headers_out was the appropriate place
becuase of the REDIRECT. I didn't know that http_protocol.c was
treating Location differently from other headers :). Thanks for
pointing that out.

Regards,
Michael Schout
GKG.NET, Inc.
--
Hal 9000 - "Put down those Windows disks Dave.... Dave? DAVE!!"

--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads