You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Michael Schout <ms...@gkg.net> on 2004/01/27 19:22:45 UTC

[ANNOUNCE] Apache::AuthCookie 3.05

The file

    Apache-AuthCookie-3.05.tar.gz

has entered CPAN as

  file: $CPAN/authors/id/M/MS/MSCHOUT/Apache-AuthCookie-3.05.tar.gz
  size: 31025 bytes
   md5: 4288575a1eedb52b2fb774324cd63ec8

Changes:
Version: 3.05
   - Fix POD documentation bug (thanks Steve van der Burg)
   - login(): set Location header with err_headers_out rather than headers_out
     (Casey West)
   - put cookie removal code in remove_cookie() method, put cache handling
     code in handle_cache() (Mark A. Hershberger)
   - reorganized tree to support multiple mod_perl versions.
   - rewrote tests to use Apache::Test framework from CPAN.
   - fix POD errors in authorize() documentation.
   - initial support for mod_perl version 2
   - mp2: check for Apache::RequestRec arg so that unported subclasses
     throw exceptions.

mod_perl v2 subclass authors: the API has changed slightly for the
mod_perl v2 version.  See README.modperl2 for details.

Regards,
Michael Schout
GKG.NET, Inc.

-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: [ANNOUNCE] Apache::AuthCookie 3.05

Posted by Michael Schout <ms...@gkg.net>.

On Wed, 28 Jan 2004, Geoffrey Young wrote:

> so, the Location header really needs to special treatment to be included in
> redirect responses, which is typically why you put things in err_headers_out.

Well, the report I got on it was that setting it in headers_out rather
than err_headers_out causes "Client-Warning: Redirection loop detected"
headers to be generated.  I never was able to reproduce that and figured
it must just be a configuration issue.

The main reason I changed it was because I *thought* that
err_headers_out was more appropritate because login returns REDIRECT.
However, looking at http_protocol.c, I'm not so sure.  At least looking
at the apache 1.3 sources, ap_send_error_response() in http_protocol.c
prefers to have Location in headers_out rather than err_headers_out (as
you have already pointed out :)).  So from that standpoint, its probably
better to have the Location in headers_out.  Given that, I think its
best to  change it back for the next release.

So to answer your question, there was not really a specific bug involved
here.  I just assumed that err_headers_out was the appropriate place
becuase of the REDIRECT.  I didn't know that http_protocol.c was
treating Location differently from other headers :).  Thanks for
pointing that out.

Regards,
Michael Schout
GKG.NET, Inc.
-- 
Hal 9000 - "Put down those Windows disks Dave....  Dave?  DAVE!!"

-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: [ANNOUNCE] Apache::AuthCookie 3.05

Posted by Geoffrey Young <ge...@modperlcookbook.org>.


>    - login(): set Location header with err_headers_out rather than headers_out
>      (Casey West)

I find this curious.  both apache 1.3 and 2.0 have the following logic (in
http_protocol.c):

    const char *location = apr_table_get(r->headers_out, "Location");
    ...
    /*
     * It's possible that the Location field might be in r->err_headers_out
     * instead of r->headers_out; use the latter if possible, else the
     * former.
     */
    if (location == NULL) {
        location = ap_table_get(r->err_headers_out, "Location");
    }

so, the Location header really needs to special treatment to be included in
redirect responses, which is typically why you put things in err_headers_out.

is there a specific bug that was fixed with this change?  I'm curious to
know what it is :)

--Geoff



-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: [ANNOUNCE] Apache::AuthCookie 3.05

Posted by Michael J Schout <ms...@gkg.net>.

On Tue, 27 Jan 2004, Stas Bekman wrote:

> So should it be added to:
> http://perl.apache.org/products/apache-modules.html#Ported_3rd_party_Modules

Yes Stas.  Please add it to the list.

Thanks!

Regards,
Michael Schout
GKG.NET, Inc.
-- 
Hal 9000 - "Put down those Windows disks Dave....  Dave?  DAVE!!"

-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: [ANNOUNCE] Apache::AuthCookie 3.05

Posted by Stas Bekman <st...@stason.org>.

Michael Schout wrote:
> The file
> 
>     Apache-AuthCookie-3.05.tar.gz
[...]
>    - rewrote tests to use Apache::Test framework from CPAN.
>    - fix POD errors in authorize() documentation.
>    - initial support for mod_perl version 2
>    - mp2: check for Apache::RequestRec arg so that unported subclasses
>      throw exceptions.
> 
> mod_perl v2 subclass authors: the API has changed slightly for the
> mod_perl v2 version.  See README.modperl2 for details.

So should it be added to:
http://perl.apache.org/products/apache-modules.html#Ported_3rd_party_Modules

__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html