You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jacob Mathew <ja...@gmail.com> on 2008/06/01 04:16:35 UTC
Re: [users@httpd] Reverse Proxy Sanity Check
Yes the ProxyHTMLExtended directive can, but the ProxyHTMLURLMap
directive can't. I think I said as much in the line "The solution
proffered seem to be to use ProxyHTMLExtended and identify the URL
using regular expressions. "
My concern is that it is using brute force regular expression
matching, which I am anxious about doing in a high visibility website.
I was looking to see if this was being done regularly and if I am
being overly paranoid, or if my concern is valid.
-Jacob
On Fri, May 30, 2008 at 12:02 PM, Nick Kew <ni...@webthing.com> wrote:
> On Fri, 30 May 2008 08:17:22 -0700
> "Jacob Mathew" <ja...@gmail.com> wrote:
>
>> So far it all seems quite solid, but then there is the issue of URL's
>> in javascript and other embedded content which can't identified by
>> ProxyHTMLURLMap.
>
> Yes it can. That's what ProxyHTMLExtended is for.
>
> --
> Nick Kew
>
> Application Development with Apache - the Apache Modules Book
> http://www.apachetutor.org/
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse Proxy Sanity Check
Posted by Nick Kew <ni...@webthing.com>.
On Sat, 31 May 2008 19:16:35 -0700
"Jacob Mathew" <ja...@gmail.com> wrote:
> Yes the ProxyHTMLExtended directive can, but the ProxyHTMLURLMap
> directive can't. I think I said as much in the line "The solution
> proffered seem to be to use ProxyHTMLExtended and identify the URL
> using regular expressions. "
>
> My concern is that it is using brute force regular expression
> matching, which I am anxious about doing in a high visibility website.
>
> I was looking to see if this was being done regularly and if I am
> being overly paranoid, or if my concern is valid.
Brute-force regexps is exactly what any of the non-markup-aware
filters (mod_line_edit, mod_substitute, or mod_sed) give you.
The difference is that mod_proxy_html restricts that approach
to the embedded scripts/stylesheets, while the non-markup-aware
filters apply it to the entire documents.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org