On 03/01/2011 01:12 PM, Philip Martin wrote: > "C. Michael Pilato" <cmpil...@collab.net> writes: > >> Just a thought: Have you considered expanding the scope of the private >> resource space rather than using the magic prefix hack? You could add >> ".../!svn/vtxn/UUID" and ".../!svn/vtxr/UUID/..." to be alternate ways to >> address transactions and transaction roots (the "v" there being a shortcut >> for "virtual"). This is *effectively* the same approach as yours -- there's >> a different prefix here. But the prefix is a clearly defined piece of the >> protocol, not just some magic bit buried in mod_dav_svn's codebase. > > I'll have a think about that. One aim is that the proxy can be as dumb > as possible about the Subversion protocol, so that it doesn't have to > rewrite all commit requests. If the client doesn't send the vtxn/vtxr > URLs the proxy has to do more work. > > Another thing about exposing the transaction name in the protocol is > that it is much more predictable than a UUID. Temporary files with > predictable names can be a security issue, are predictable transaction > names a security issue?
I want to say that we've had this discussion on-list before, but I might be remembering something else. I'll see if I can find any prior chatter about this. If there's reason to believe that the current approach is dangerous, then by all means let's dispose of it, fall back to client-provided transaction aliases, and move along! I don't have a particularly strong opinion on the matter save for one: don't make the protocol unnecessarily complex! Necessary complexity? Now that's a different matter altogether. -- C. Michael Pilato <cmpil...@collab.net> CollabNet <> www.collab.net <> Distributed Development On Demand
signature.asc
Description: OpenPGP digital signature
