At 12:07 PM 1/12/01, Blue Lang wrote:
>On Fri, 12 Jan 2001, J. J. Horner wrote:
> > I'm also toying with the idea of allowing each script
> to have a DEBUG=1
> > option enabled in a handler so that as long as it is
> the script owner,
> > verified by uid, trying to set the DEBUG=1 parameter in
> a URL, the full
> > debug information is sent to a browser
>
>Erm.. I'm not sure how you're going to verify the uid of a
>remote user,
>unless you mean mapping an IP to each cgi-wrapped UID.
I don't see how you'd do it based on uid, either, but you
could certainly do something based upon REMOTE_ADDR.
$localnet = '192.168.1.';
$r->subprocess_env(DEBUG=> = 1 )if
$r->get_remote_host(REMOTE_NOLOOKUP) =~ /^$localnet/;
(My mailer is probably going to insert an incorrect newline
in that code, please ignore)
>Either way, you've got a lot of moving targets. I might
>hijack the custom
>error page handler in Apache and send a default error page
>unless the
>remote user is somehow authenticated.. But I don't think
>remote uid or IP
>are gonna be reliable.
The remote IP doesn't need to be reliable for everyone,
only for the people that are supposed to see the debugging
information.
Todd
