I'm still using web.py 0.22 from SVN how can I merge that into this bzr branch? Or is that even an option?
On Dec 16, 8:38 am, "Anand Chitipothu" <[EMAIL PROTECTED]> wrote: > On Dec 16, 2007 8:33 PM, bubblboy <[EMAIL PROTECTED]> wrote: > > > > > > > David Terrell wrote: > > > On Fri, Dec 14, 2007 at 03:14:48PM +1300, Ben Hoyt wrote: > > >>> Thats dangerous. But isn't that the duty of webserver? > > > >> Yeah, I also wondered whether Apache would filter it out. But it doesn't, > > >> and on second thoughts, I don't think it is the duty of the web server, > > >> because there are loads of semi-custom HTTP methods, like the ones that > > >> webdav/svn uses, and people sometimes use their own custom ones, too. > > >> Here's > > >> a list of HTTP methods I found: > > >> http://annevankesteren.nl/2007/10/http-methods > > > >> But I figure most people won't be using PROPFIND with web.py. And if they > > >> want to, they can always add it to valid_methods. > > > > Option one: Apache limit by method. > > > Option two: by convention or standard, all HTTP methods are all caps. Why > > > not simply filter out all methods that doen't start with a capital letter? > > > (or methods that are all capitals). > > > That just reduces the scope of the problem instead of fixing it. I > > favour Ben's solution on this one. > > > Also; web.py is a server iself, too. So it should still take care of > > this, in the end. (Assuming that server also allows these weird methods.) > > we are planning to release web.py 0.23 soon with this fix and many others. > I have created a bzr branch for 0.23 release > athttp://webpy.org/bzr/webpy-0.23and added a fix for this bug. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web.py" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/webpy?hl=en -~----------~----~----~----~------~----~------~--~---
