You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Geoffrey Young <gy...@laserlink.net> on 2000/06/05 18:05:12 UTC
[new module] Apache::Dispatch
hi all...
I'm not sure if some you remember the idea Vivek and Matt had about creating
a handler that mapped, say, http://localhost/Foo/doit to Foo->doit()
anyway, the relevant part of the thread, including some code, can be seen
here:
http://marc.theaimsgroup.com/?l=apache-modperl&m=95598609306936&w=2
I was thinking of officially implementing the idea and wanted to get some
design feedback first...
My thoughts so far:
* limit the response to content handling phase only (I'm not really
sure of what utility other phases would be anyway)
* limit the top-level qualifier for the module that can be executed,
but give this control to the user.
perhaps using PerlAddVar to allow only Apache::, Foo::, etc
modules only is safe enough?
* if possible, I'd like to see it make some intelligent decisions
about whether it should take over the request.
that is, perhaps move away from a <Location> restriction and try
to call Foo->doit() if the normal resoltion /Foo/doit results in a 404.
I'm not sure how this would interact with mod_dir, but I guess it would also
depend on how folks want to use it...
* do we want to default to handler()? if so, what to try first:
Foo::doit->handler() or Foo->doit()
anyway, that's all for now... feedback/thoughts welcome...
--Geoff
Re: [new module] Apache::Dispatch
Posted by Matt Sergeant <ma...@sergeant.org>.
On Mon, 5 Jun 2000, Stas Bekman wrote:
> On Mon, 5 Jun 2000, Geoffrey Young wrote:
>
> > hi all...
> >
> > I'm not sure if some you remember the idea Vivek and Matt had about creating
> > a handler that mapped, say, http://localhost/Foo/doit to Foo->doit()
> >
> > anyway, the relevant part of the thread, including some code, can be seen
> > here:
> > http://marc.theaimsgroup.com/?l=apache-modperl&m=95598609306936&w=2
> >
> > I was thinking of officially implementing the idea and wanted to get some
> > design feedback first...
> >
> > My thoughts so far:
> >
> > * limit the response to content handling phase only (I'm not really
> > sure of what utility other phases would be anyway)
> >
> > * limit the top-level qualifier for the module that can be executed,
> > but give this control to the user.
> > perhaps using PerlAddVar to allow only Apache::, Foo::, etc
> > modules only is safe enough?
>
> Geoff,
> I think you will open a Pandora box by releasing this module. I don't see
> it'd give some real savings, but users will get hurt, badly. You
> shouldn't let the control into user hands! (I mean the clients!) There
> will be alway a module that you will not know about, or a function/method
> inside it you won't think about.
It shouldn't be dangerous at all if you specify:
PerlSetVar DispatchPrefix MyModule
Then http://localhost/Foo/bar
calls MyModule::Foo->bar()
--
<Matt/>
Fastnet Software Ltd. High Performance Web Specialists
Providing mod_perl, XML, Sybase and Oracle solutions
Email for training and consultancy availability.
http://sergeant.org http://xml.sergeant.org
Re: [new module] Apache::Dispatch
Posted by Stas Bekman <sb...@stason.org>.
On Mon, 5 Jun 2000, Geoffrey Young wrote:
> hi all...
>
> I'm not sure if some you remember the idea Vivek and Matt had about creating
> a handler that mapped, say, http://localhost/Foo/doit to Foo->doit()
>
> anyway, the relevant part of the thread, including some code, can be seen
> here:
> http://marc.theaimsgroup.com/?l=apache-modperl&m=95598609306936&w=2
>
> I was thinking of officially implementing the idea and wanted to get some
> design feedback first...
>
> My thoughts so far:
>
> * limit the response to content handling phase only (I'm not really
> sure of what utility other phases would be anyway)
>
> * limit the top-level qualifier for the module that can be executed,
> but give this control to the user.
> perhaps using PerlAddVar to allow only Apache::, Foo::, etc
> modules only is safe enough?
Geoff,
I think you will open a Pandora box by releasing this module. I don't see
it'd give some real savings, but users will get hurt, badly. You
shouldn't let the control into user hands! (I mean the clients!) There
will be alway a module that you will not know about, or a function/method
inside it you won't think about.
How Randal used to say: Dangerous, Willis? or was it Robinson :)
Personally I'm against this idea. Unless you allow only a list of
specified Module::method (s), but even then things will get modified the
original intention forgotten, systems hacked and ruined.
> * if possible, I'd like to see it make some intelligent decisions
> about whether it should take over the request.
> that is, perhaps move away from a <Location> restriction and try
> to call Foo->doit() if the normal resoltion /Foo/doit results in a 404.
> I'm not sure how this would interact with mod_dir, but I guess it would also
> depend on how folks want to use it...
>
> * do we want to default to handler()? if so, what to try first:
> Foo::doit->handler() or Foo->doit()
>
> anyway, that's all for now... feedback/thoughts welcome...
>
> --Geoff
>
>
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:stas@stason.org http://perl.org http://stason.org/TULARC
http://singlesheaven.com http://perlmonth.com http://sourcegarden.org