On Tue, Oct 04, 2011 at 09:11:28PM +0200, Francis GALIEGUE wrote: > On Tue, Oct 4, 2011 at 21:08, Christopher Schultz > <ch...@christopherschultz.net> wrote: > [...] > > > > - From the docs: > > > > "If this attribute [allow] is specified, the remote address MUST match > > for this request to be accepted". > > > > "If this attribute [deny] is specified, the remote address MUST NOT > > match for this request to be accepted". > > > > I don't think Matacher.lookingAt is appropriate for this kind of checking. > > > > Well, it depends on the definition of "match", I guess. For me, a > regex matches an input if it matches anywhere in the input! Which is > pretty much the definition of regex matching, and which is why Java's > .matches() methods are misnomers...
Hmmm, old SNOBOL coders may recall the handy concept of "anchored" (.matches(), .lookingAt()) vs. "unanchored" (.find()) matching. The actual difference between matches() and lookingAt() is that of matching the entire string vs. matching a prefix. Having said that, I think that an anchored partial match (lookingAt()) really is the least-bad fit to the address problem, since we're usually more concerned about the first, second, and perhaps third quads of an IP address and the trailing part is considered insignificant. As I posted previously, though, it's still pretty bad: how would you match a /27? Domain matches, OTOH, might take matches() as least-bad of the regex types, since the prefix tends to be the don't-care part. Again, though, since domain structure is significant, regex matching tends to require a lot of complexity that could be considered boilerplate: you almost always need to write all the fiddly escaped dots and stuff. (If you think SNOBOL is ancient: I'm trying to recall whether COMIT II embodied all of these concepts. :-) -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart.
pgpk3QsMKeVYM.pgp
Description: PGP signature
