> Well, being a bit slanted on the security side, I agree with mandatory > escaping of the error_logs, as annoying it might be for development > reasons.
well, we've come up with a compromize in 2.1 - compile with -DAP_UNSAFE_ERROR_LOG_UNESCAPED and the error_log will remain in its unescaped format. it's been integrated into 2.1 already, and I have patches for 2.0 and 1.3 ready. 2.0 backport has 3 votes, but the last one is mine, so I'm not sure if I can just go an backport it to 2.0 at this point. as for 1.3, I'm not sure how that works. --Geoff --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
