I'm approaching this from a caching perspective, so when a module uses quick_handler for non-caching mechanisms, my comments do not apply, but here's an option:

What if modules were required to set the Vary: header appropriately and have mod_cache_* honor it? This way, your caching problem is fixed for not only stuff that quick_handler screws up but for stuff that any downstream proxy screws up. If your module absosmurfly has to run on every request, do "Vary: *" and your problem is solved.

-bmd

On Tue, Jul 30, 2002 at 12:40:56PM -0700, Ryan Bloom wrote:
>
> I realize that this is a strong statement, but I believe that I can back
> it up. My reasons for not liking this hook at all:
>
> 1) If I have a page that I have served and it gets put in the cache,
> then it will be served out of the quick_handler phase. However, if I
> then add or modify a .htaccess file to deny access to that page, then my
> changes won't be honored until the page expires from the cache. This is
> a security hole, because I don't know of any way to invalidate cached
> pages. (This one is from a conversation with wrowe). [ I guess it
> might be possible to clear the cache with a graceful restart. ]
>
> 2) If I have a page that uses access checking to ensure that only
> certain people can request the page, the cache_filter will put it in the
> quick handler. However, the page may not be allowed to people who will
> request it from the cache. I may be wrong about this one, but I see how
> the cache disallows pages that require authentication. I do not see how
> it can disallow caching of pages that require access_checking.
>
> 3) It isn't possible for a module author to circumvent the
> quick_handler phase. If I write a module that doesn't want to allow the
> quick_handler phase, for security reasons, I can't enforce it.
>
> While I understand that we are giving people a lot of rope and asking
> them to use it wisely, this phase gives too much rope, and invites
> people to hang themselves.
>
> I believe that this hook should be removed, and all content should be
> served out of the handler phase. If we are looking to remove some
> request phases, then we should make it possible to avoid individual
> phases when serving requests, not completely skip all of them.
>
> Ryan
>
> ----------------------------------------------
> Ryan Bloom
> [EMAIL PROTECTED] [EMAIL PROTECTED]
>
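
The Vary proposal in the reply above, sketched as an added example that is not part of the original thread and is not mod_cache code: a toy cache that stores one variant per set of Vary-selected request header values and refuses to store anything marked "Vary: *". The class, function names, URLs and header values are all constructed for illustration.

```python
# Added illustration: a toy in-memory cache, not mod_cache code.

def parse_vary(value):
    """Return the lowercased field names listed in a Vary header value."""
    return tuple(f.strip().lower() for f in (value or "").split(",") if f.strip())


def selecting_values(fields, req_headers):
    """Pick out the request header values that the Vary fields name."""
    req = {k.lower(): v for k, v in req_headers.items()}
    # Exact string comparison; a real cache would normalize header values.
    return tuple(req.get(f) for f in fields)


class VaryCache:
    def __init__(self):
        self._variants = {}  # url -> list of (fields, selecting values, body)

    def store(self, url, req_headers, resp_headers, body):
        """Cache a response; refuse when it carries 'Vary: *'."""
        fields = parse_vary(resp_headers.get("Vary"))
        if "*" in fields:
            return False  # never cacheable: the module must run every time
        key = (fields, selecting_values(fields, req_headers))
        kept = [v for v in self._variants.get(url, []) if v[:2] != key]
        self._variants[url] = kept + [key + (body,)]
        return True

    def lookup(self, url, req_headers):
        """Return a body only if every Vary-listed request header matches."""
        for fields, wanted, body in self._variants.get(url, []):
            if selecting_values(fields, req_headers) == wanted:
                return body
        return None  # miss: the request goes through the normal phases


if __name__ == "__main__":
    cache = VaryCache()
    alice = {"Authorization": "Basic YWxpY2U6eA=="}  # constructed credentials
    cache.store("/report", alice, {"Vary": "Authorization"}, "alice's report")
    cache.store("/admin", alice, {"Vary": "*"}, "admin page")
    print(cache.lookup("/report", alice))  # served from cache
    print(cache.lookup("/report", {}))     # None: no matching variant
    print(cache.lookup("/admin", alice))   # None: never stored
```

Vary can only name request header fields, so a restriction that depends on something else, such as the client address, is covered in this sketch only by the "Vary: *" case.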
