are stolen from Greg's mod_dav site. Some specifics:
- Change recommendations about where to place the dav lockfile and be specific
about required permissions.
- Remote the HEAD from the <Limit> block, since it is implied by GET.
- Add a security section discussing file permissions, auth issues, denial of
service, etc.
- Add a "complex config" section discussing the dynamic content issue.
Review requested. Unfortunately, I can't check in the html because of
transformation problems in my setup.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99469 13f79535-47bb-0310-9956-ffa450edef68
the previous implementation used a format string already taken
by mod_logio
now, an optional %P format is used instead
thanks to Andre' Malo for pointing out that I chose a format string
already used by mod_logio!
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99442 13f79535-47bb-0310-9956-ffa450edef68
Note: the removed sequences ('esc $ B' 'esc ( B' (or other way round)) are ok.
These are useless "shift on"/"shift off" switches. See RFC 1468.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99356 13f79535-47bb-0310-9956-ffa450edef68
The change is mainly intended to save some memory during the build process.
Additionally we may get a bit more clearness in our document structure ...
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99333 13f79535-47bb-0310-9956-ffa450edef68
document but all variants of it (i.e. one basename), such as avail. languages,
formats etc.
(Note, that it's still a noop for the output.)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99330 13f79535-47bb-0310-9956-ffa450edef68
Note this change (as previously written, it implied that 1.3.5
had this vulnerability, which is not true). I'm not sure if
"httpd 2.0" is the preferred name.
- <p>Note that in versions previous to 2.0.46 no escaping has been performed
+ <p>Note that in httpd 2.0 versions prior to 2.0.46, no escaping was performed
on the strings from <code>%...r</code>, <code>%...i</code> and
<code>%...o</code>. This was mainly to comply with the requirements of
the Common Log Format. This implied that clients could insert control
characters into the log, so you had to be quite careful when dealing
with raw log files.</p>
- <p>For security reasons starting with 2.0.46 non-printable and
+ <p>For security reasons, starting with 2.0.46, non-printable and
other special characters are escaped mostly by using
<code>\x<var>hh</var></code> sequences, where <var>hh</var> stands for
the hexadecimal representation of the raw byte. Exceptions from this
rule are <code>"</code> and <code>\</code> which are escaped by prepending
- a backslash, and all whitespace characters that are written in their
- C-notation (<code>\n</code>, <code>\t</code> etc).</p>
+ a backslash, and all whitespace characters which are written in their
+ C-style notation (<code>\n</code>, <code>\t</code> etc).</p>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99302 13f79535-47bb-0310-9956-ffa450edef68
I changed the references to the auth modules, so that they're matching
the new model, but it probably needs a rewrite anyway.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99288 13f79535-47bb-0310-9956-ffa450edef68
change directive from compressionlevel to deflatecompressionlevel
PR:
Obtained from:
Submitted by: Ian Holsman, Andre Malo
Reviewed by:
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98982 13f79535-47bb-0310-9956-ffa450edef68
files (as proposed some weeks ago):
misc/custom_errordocs.html
misc/descriptors.html
misc/fin_wait_2.html
misc/known_client_problems.html
misc/tutorials.html
images/custom_errordocs.gif
The correspondig links were also removed. What remains
are the Japanese docs:
urlmapping.xml.ja
mod/mod_include.xml.ja
vhosts/fd-limits.xml.ja
env.xml.ja
sitemap.xml.ja
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98874 13f79535-47bb-0310-9956-ffa450edef68
