DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=23421>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=23421 Remove AddDefaultCharset from httpd.conf as shipped ------- Additional Comments From [EMAIL PROTECTED] 2004-08-01 08:21 ------- Is this issue still not resolved? I am Chinese and I am strongly on the side of the reporter. The problem, I suppose, arises from a problematic standard. AFAIK, the header sent from the server overrides that contained in a meta tag. Browsers I use all conform to this behaviour, and sorrows of non-Western Web developers grow. For Chinese, we routinely use <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> to mark a page as Chinese. And this method allows us to place an ISO-8859-1 page on the same server/directory without worrying about server configurations. I even do not know now how to achieve this effect if "AddDefaultCharset" is ever used. Security is important, but I do not think setting the default charset by the SERVER is the right way to go. Indeed, I think the suggestion to use a default charset has caused more problems than solved (see stories below). It is the server-side SCRIPT that should take care of this. And I do not think the comment in the conf file is correct: it really does harm, because setting it will PREVENT Web developer from specifying the charset in their pages, who should really be responsible for such issues. By the way, some stories. Several times I have been called by colleagues because they cannot make Apache display Chinese characters correctly on a newly installed box. I once translated the mission page for webstandards.org, and after a site migration it no longer displayed Chinese. After several emails the non-Western pages are moved to a special server or directory and it was OK. Now the page is archived at http://archive.webstandards.org/mission_gb2312.html And it is wrong AGAIN, along with other translations like Japanese! What is the use of security, if it makes things inaccessible? (Not to mention that it is a wrong response for a security issue. Even the page http://www.cert.org/tech_tips/malicious_code_mitigation.html#3 mentions only the use of a meta tag like the gb2312 example above.) To Dietmar: Your opinions about Accept-Charset are correct only if 1) A Chinese user can set his browser to accept only GB2312; 2) A Chinese user never need to view ISO-8859-1 pages, or the browser supports per-page configuration of Accept-Charset; and 3) If "Accept-Charset: gb2312" is sent to the server, the server will not send the default "charset=ISO-8859-1". I do not see any of them holds. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
