On Thu, 25 Apr 2002, John Rowe wrote: > 1. Apache has a configuration file saying what directories it will access > and and any module that allows you to access files outside those > directories is a security hole. Does axkit check? I don't see that file:// > uris have any place in a dicument served by http.
Well then perl is a security hole. You should probably delete it. > 2. However you look at it, the uri '/foo/bar/baz' on a document hosted on > www.myhost.com should resolv to http://www.myhost.com/foo/bar/baz and if > axkit does not do this then it is not behaving properly. It does do that. That was the whole problem in this thread. The bug that Markus is stuck with is a bug in nsgmls, not in AxKit (modulo the problem with relative URIs he's seeing). > 3. If I do this and axkit behaves properly then I need only make one > symlink from docroot to the real dtd directory, configure apache to allow > symlinks for that directory and all my dtds work. > > Why is this so difficult? Probably due to bugs. Contributions to fix this are always welcome, but it may be harder than you first think. I don't know, as I'm not having this problem. Also if you want something fixed, log it as a bug. We do go through the bugs you know ;-) -- <!-- Matt --> <:->Get a smart net</:-> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
