You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2020/03/29 13:22:20 UTC
svn commit: r1875854 - /httpd/httpd/trunk/docs/manual/mod/mod_userdir.html.en
Author: covener
Date: Sun Mar 29 13:22:19 2020
New Revision: 1875854
URL: http://svn.apache.org/viewvc?rev=1875854&view=rev
Log:
xforms
[skip ci]
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_userdir.html.en
Modified: httpd/httpd/trunk/docs/manual/mod/mod_userdir.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_userdir.html.en?rev=1875854&r1=1875853&r2=1875854&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_userdir.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_userdir.html.en Sun Mar 29 13:22:19 2020
@@ -38,6 +38,14 @@
<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_userdir.c</td></tr></table>
<h3>Summary</h3>
+<div class="warning">By using this module you are allowing multiple users
+to host content within the same origin. The same origin policy is a key
+principle of Javascript and web security. By hosting web pages in the same
+origin these pages can read and control each other and security issues in
+one page may affect another. This is particularly dangerous in combination
+with web pages involving dynamic content and authentication and when
+your users don't necessarily trust each other.</div>
+
<p>This module allows user-specific directories to be accessed using the
<code>http://example.com/~user/</code> syntax.</p>
</div>