subject:"\[php\-maint\] Bug#670945\: Bug#670945\: Bug#670945\: About the media types text\/x\-php and text\/x\-php\-source"

Re: [php-maint] Bug#670945: Bug#670945: Bug#670945: About the media types text/x-php and text/x-php-source

2012-08-31 Thread Christoph Anton Mitterer

On Thu, 2012-08-30 at 00:16 +0200, Christoph Anton Mitterer wrote:
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^(.*)$ $1.php [last]

Tried them out in the meantime.

Seem to work as expected.


Cheers,
CHris.


smime.p7s
Description: S/MIME cryptographic signature

Re: [php-maint] Bug#670945: Bug#670945: Bug#670945: About the media types text/x-php and text/x-php-source

2012-08-29 Thread Ondřej Surý

Chris,

your text is very hard to read and parse.

Could you assemble your comments into consistent paragraphs of
suggested texts? (E.g. the final versions of the text you suggest we
use. Or send a patch.)

On Wed, Aug 29, 2012 at 10:32 AM, Christoph Anton Mitterer
cales...@scientia.net wrote:
On Wed, 2012-08-29 at 09:28 +0200, Ondřej Surý wrote:
With much cooler head and weekend after me and after carefull
consideration of Chris's
comments I have decided to go with:
Good =)

Some comments to your text :)

php5 (5.4.4-7) unstable; urgency=low

* As a side effect of MIME-Type changes in the mime-support package, the
default Apache 2 configuration doesn't support MultiViews negotiation,
That reads like as if mod_negotiation itself was disabled per default in
Apache (Stefan, if you kept on reading: I'd absolutely support this ;-)
)... is this the case, OR do we just have the effect that is does (as it
should) no longer work for the files whose php files were removed?

PHP 5 and Apache 2 Multiviews
--

Apache 2 mod_negotiation's MultiViews needs php scripts to have a
MIME-Type to make the negotiation work. We are using Apache 2 handlers
(SetHandler directive) to enable PHP processing, so by default the
MultiViews support is disabled in Debian packages.
Again, that reads a bit, as if negotiation was generally not
available.
Perhaps if we write: so by default the MultiViews support for PHP files
is disabled in Debian packages.

You can explicitly
add extra MIME-Types (different from magic application/x-httpd-* types)
which will not cause any special PHP processing,

[Optionally (but I don't insist), one could add something like the
following here:]
(unless another way than Debian's default way of enabling PHP is used)

[just as a warning...]
but just enable
MultiViews negotiation support.

Add these two lines to you Apache 2 config to enable MultiViews:
AddType application/x-php php phtml php3
AddType application/x-php-source phps
Correct :)
And actually... if it's really HTTP Negotiation that is desired (and not
tiding URLs from /foo.php to /foo) we MUST NOT use prevent the
file.php.foo issue, because we need to allow things like:
foo.php.en (e.g. returning English content)
foo.php.de (e.g. returning German content)

Also most likely what you really want would be better accomplished by
mod_rewrite rules where you can explicitly specify what gets
rewritten to what (e.g. http://localhost/file gets rewritten to
file.php, but not to file.html or file.js).
I, personally, would rather turn up that like this:
If what you actually want, is to enable tidy URLs (e.g.
http://example.org/foo can be used instead of
http://example.org/foo.php) HTTP Content Negotiation is not what should
be used anyway.
That would be better accomplished by URL rewriting (via mod_rewrite)
rules where one can explicitly specify what gets rewritten as what.

(e.g. http://localhost/file gets rewritten to
file.php, but not to file.html or file.js).
That example contradicts IMHO a bit the intention that we suppose the
user to have:
We expect that he wants to get a file /foo.php be accessible via
/foo, right?
So the user most likely doesn't have files /foo.html or /foo.js in
addition (which would then of course be negotiated, too - likely with
ambiguous results). Because auf this, a URL /foo should not get
rewritten, because negotiation only happens (IIRC) when the target
file exists.

I would like to add text here with instructions how to enable
mod_rewrite handling.
I'll try to write you some mod_rewrite rules later; I'm just on the
train right now and I'll have to give lectures tomorrow, so not sure
when I find time.

Hope that helps,
Chris.

___
pkg-php-maint mailing list
pkg-php-ma...@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-maint

--
Ondřej Surý ond...@sury.org

--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CALjhHG_JFRrLuZ=+ak++=b=GPfcCm4vXjS=SA=yoa0jk3t6...@mail.gmail.com

Re: [php-maint] Bug#670945: Bug#670945: Bug#670945: About the media types text/x-php and text/x-php-source

2012-08-29 Thread Christoph Anton Mitterer

Hey Ondřej.

On Wed, 2012-08-29 at 11:11 +0200, Ondřej Surý wrote:
 your text is very hard to read and parse.
Sorry O:-)

Below you find the texts as I would have written them.

1) Especially the README.Debian text is much more elaborate.
Why? What we try with the whole issue here is to prevent our users from
doing some really stupid things.
In order to teach them better it's IMHO important to give them examples
and motivation.

2) My motivation for some other changes was partially already described
in the hard to read/parse email ;-)
Some more:
a) I do not write about negotiation being disabled for PHP files but
rather for PHP file extensions. Why?
We only disabled the negotiation with respect to MIME types not with
respect to langauge, content encoding, etc.
So things like (yes, the examples are stupid):
foo.php.en
foo.php.de
foo.php.ascii
foo.php.UTF8

would be still negotiated to foo.php (WITH the .php extension - this
is not a typo).

b) I largely overtook your explanation on the backgrounds how the
default config makes PHP files being interpreted (SetHandler and that
sections)


Open issues:
I) In:
AddType application/x-php php phtml php3
AddType application/x-php-source  phps
Didn't you use other extensions as well, in the current PHP config
snippets? And shouldn't we add them here, too?


II) I've already added, mod_rewrite rules, which I'm quite sure to work
and to be safe; but I'm abroad giving some lectures at a research centre
and haven't had time yet to test really them.
Could some one do this please?
The intention is:
For any entered URL:
It should try allow to access that file without the trailing .php IF:
- There is not already such (non-directory) file (without .php) that
exists.
- There is not already such a directory of that name.
- If no file of such a name exists, the usual 404 should come.

The rules should work from directory and global/vhost server context.

All that would need to be verified.


III) I haven't done spell checking.



Hope that helps,
Chris.


*
php5 (5.4.4-7) unstable; urgency=low

  * As a side effect of the MIME-Type changes in the mime-support
package, the default Apache 2 configuration will no longer perform
HTTP content negotiation on the PHP file extensions, which was very
questionable anyway.
If you really want to re-enable this support then please read
/usr/share/doc/php5-common/README.Debian file for further
instructions.

 -- Ondřej Surý ond...@debian.org  Wed, 29 Aug 2012 09:18:41 +0200
*

*
PHP 5 and Apache 2 Multiviews (HTTP Content Negotiation)
--

 Apache 2’s mod_negotiation needs files to have a MIME type (amongst
 others) associated with them in order to be considered for HTTP content
 negotiation.
 
 Per default, the Debian PHP packages use Apache 2 handlers (SetHandler
 directive) to enable PHP interpretation, while no MIME type is being
 associated with the common PHP file extensions.
 
 Thus, by default, the HTTP content negotiation is disabled for PHP file
 extensions.
 
 
 Some scenarios:
 1) You intended to use HTTP content negotiation in order to tidy up
URLs:
For example, you wanted the file “http://example.org/foo.php” being
accessible as “http://example.org/foo”, too.

In that case you really shouldn’t abuse mod_negotiation but use
mod_rewrite.
An example of rewrite-rules, which allow any file ending in “.php”
to be accessed without this extension is:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ $1.php [last]
Depending on your setup you may need to set other flags, too,
especially “passthrough” or “qsappend”.


 2) You really wanted to use HTTP content negotiation on PHP files (be
they interpreted or not).
An example for this might be, when you have the files
http://example.org/foo.php
http://example.org/foo.js
which both do the same job, but the former is executed as PHP on
the server-side, while the later is executed as JavaScript on the
client-side.
This  scenario is really very rarely used (if at all)!

If you really want it, just add MIME type definitions like the
following to your Apache 2 configuration:
AddType application/x-php php phtml php3
AddType application/x-php-source  phps
 *


smime.p7s
Description: S/MIME cryptographic signature

Re: [php-maint] Bug#670945: Bug#670945: Bug#670945: About the media types text/x-php and text/x-php-source

Re: [php-maint] Bug#670945: Bug#670945: Bug#670945: About the media types text/x-php and text/x-php-source

Re: [php-maint] Bug#670945: Bug#670945: Bug#670945: About the media types text/x-php and text/x-php-source

3 matches

Site Navigation

Mail list logo

Footer information