On 25 Mar 2009, at 14:34, Erik Westland wrote
From: Erik Westland <erikwestl...@yahoo.com>
To: modules-dev@httpd.apache.org
Sent: Saturday, March 21, 2009 11:22:52 PM
Subject: Input filter to process POST variables (e.g. mod_form)
I'm sure I recollect replying to that question a few days ago:
in fact my mailer shows your question as replied to. Guess
maybe it got lost in the ether.
It seems that "mod_form" (see: http://apache.webthing.com/
mod_form/) does the
parameter processing, but comes with the following ominous caveat:
"mod_form works with GET but is largely untested under POST, and
appears to have
problems with POST and HTTP Keepalive. That will be fixed, but
it's not
currently a priority."
There was some test case where it hung. I've also had reports of it
working
successfully with POST.
Q: Does anyone know if this is safe to use? Their support page
lists mod_form
as: "unlikely to represent value to you."
That means I don't want anyone making the voluntary donation my pages
invite
on the false premise that it's a tried-and tested production-grade
module.
Q: Is there another alternative to writing my own? If not, any
idea what the
keepalive issue was?
mod_request (didn't exist when I wrote mod_form). Or apreq (did exist,
but a more heavyweight solution).
Q: Apache processes variables in the URL (parses into r->args)
during POST
requests, but the mod_form implementation doesn't look for r->args
when handling
POST requests. Is this disallowed/discouraged in the spec or an
oversight in the
implementation?
Both. It's an edge case, and a mod_form incompleteness. But it
won't bite you
unless your application uses a POST form with a query_string in the
action.
Or perhaps does similar for non-browser data.
--
Nick Kew
