Your message dated Sun, 5 Nov 2006 22:54:57 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Closing
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: twiki
Version: 20030201-6
Severity: wishlist
I notice that the default apache config included with this version
includes a commented-out redirect directive for /twiki. This line
doesn't work perfectly, because it supersedes the earlier Alias lines,
so the /pub and /data directories are inaccessible. I changed the line
to a RedirectMatch which matches only subdirectory components beginning
with an initial capital, and this seems to work well. The only caveat
is that this will only work so long as all your web names begin with an
initial capital. I believe that this is the convention anyway, so it
should not be a great limitation, but probably still worth mentioning in
a comment in the file.
The advantage here is that it's now possible to use shortened URLs, for
example:
http://twiki/twiki/Main/TWikiUsers
Since apache serves a redirect to
http://twiki/cgi-bin/twiki/view/Main/TWikiUsers there shouldn't be any
issues relating to internal links; they will continue to use the long
form as always.
Please consider including this directive in the default apache.conf
fragment, at least as a commented example.
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing'), (50, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.20-020stab009.24.777-enterprise
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages twiki depends on:
ii apache2-common 2.0.52-3 Next generation, scalable, extenda
ii debconf 1.4.30.11 Debian configuration management sy
pn libalgorithm-diff-perl Not found.
ii libdigest-sha1-perl 2.10-1 NIST SHA-1 message digest algorith
ii libnet-perl 1:1.19-1 Implementation of Internet protoco
ii perl [libmime-base64-perl] 5.8.4-3 Larry Wall's Practical Extraction
ii perl-modules [libnet-perl] 5.8.4-3 Core Perl modules
ii rcs 5.7-13.3 The GNU Revision Control System
--- apache.conf~ 2005-02-02 00:35:31.000000000 -0800
+++ apache.conf 2005-02-02 11:24:52.000000000 -0800
@@ -1,8 +1,12 @@
# Added for twiki
Alias /twiki/pub /var/www/twiki/pub
Alias /twiki/data /var/lib/twiki/data
-Redirect /twiki/index.html http://twiki/cgi-bin/twiki/view
-#Redirect /twiki/ http://twiki/cgi-bin/twiki/view
+
+#This RedirectMatch won't work for web names not starting with [A-Z]
+RedirectMatch /twiki(/[A-Z].*)?$ http://twiki/cgi-bin/twiki/view$1
+
+#Redirect /twiki/index.html http://twiki/cgi-bin/twiki/view
+#Redirect /twiki http://twiki/cgi-bin/twiki/view
# make sure this is even needed, and ref the doc section needing it
<Directory /usr/lib/cgi-bin/twiki/>
--- End Message ---
--- Begin Message ---
Version: 1:4.0.4-3
This upload closes all these bugs:
twiki (1:4.0.4-3) unstable; urgency=high
* added Hotfix 4 for TWiki 4.0.4
-- Sven Dowideit <[EMAIL PROTECTED]> Fri, 15 Sep 2006 00:00:01 -1000
twiki (1:4.0.4-2) unstable; urgency=high
* added Hotfix 3 for TWiki 4.0.4
includes:
Item 2714 - SECURITY ISSUE! - Topics with ALLOWTOPICVIEW
defined in "Edit Settings" (META) can be read by anyone
with a specially crafted SEARCH.
Item 2806 - Security Alert CVE-2006-4294 - viewfile doesn't
follow rules for mapping attachment names
-- Sven Dowideit <[EMAIL PROTECTED]> Sat, 09 Sep 2006 00:00:01 -1000
twiki (1:4.0.4-1) unstable; urgency=high
* added Hotfix 2 for TWiki 4.0.4
includes (CVE-2006-3819) - Configure robustness update
-- Sven Dowideit <[EMAIL PROTECTED]> Sun, 20 Aug 2006 00:00:01 -1000
twiki (1:4.0.4-0.1) unstable; urgency=high
* new upstream version TWiki-4.0.4
includes prevent script execution of uploaded files (CVE-2006-3336)
(Closes: #381907)
4.0.2 includes CVE-2006-1387: DoS with INCLUDE
(Closes: #367973)
* restricted access to configure script
* added libcgi-session-perl dependency
* stopped failure when /etc/apache-foo/conf.d/twiki.conf_old doesn't
exist
* cleaned up handling of apache reload/restart calls
-- Andrew Moise <[EMAIL PROTECTED]> Fri, 11 Aug 2006 15:05:06 -0400
twiki (1:4.0.1-1) unstable; urgency=high
* new upstream version TWiki-4.0.1
(Closes: #255782, #221514, #338118, #311662, #305793, #345668)
* added brute force restart of apache & apache2 (Closes: #300601)
* fixed regex that was supposed to set WIKIWEBMASTER (Closes: #305034)
* removed data dir from apache.conf (Closes #307928)
* added debconf-2.0 dependancy (Closes: #332129)
* improved RedirectMatch (Closes: #293369)
* updated Czech translation of debconf (Closes: #321818)
* added Vietnamese translation of debconf (Closes: #322398)
* added Swedish translation of debconf (Closes: #341095)
* fixed up debconf spelling mistake (Closes: #322399)
* added dependancy option of apache-perl (Closes: #235603)
* cleaned up index.html (Closes: #228748)
* added extra test for existing data (Closes: #229036)
* added primitive test and use of htpasswd2 for apache2 (Closes: #233943)
* remove use of wwwconfig (Closes: 251340)
-- Sven Dowideit <[EMAIL PROTECTED]> Sun, 26 Feb 2006 00:00:01 -1000
Thanks.
--
ยท''`. If I can't dance to it, it's not my revolution
: :' : -- Emma Goldman
`. `' Proudly running Debian GNU/Linux (unstable)
`- www.amayita.com www.malapecora.com www.chicasduras.com
--- End Message ---
