 | | Re: Why are SSIs bad? —Matthew Miller
|
| | | (...) If you're the site admin, there's not a security problem. The security issue is with letting your _users_ use SSI, because those commands execute as the user which owns the web server. Which, if you don't trust your users, is a bad thing. (...) (25 years ago, 30-Sep-99, to lugnet.off-topic.geek, lugnet.publish)
|
| | | |
| | | | | Re: Why are SSIs bad? —Jacob Sparre Andersen
|
| | | | [ FUT lugnet.publish ] Matthew: [...] (...) Would you care to give a lazy web site manager a hint for doing this with Apache? Play well, Jacob ---...--- -- E-mail: sparre@cats.nbi.dk -- -- Web...: <URL:(URL) -- ---...--- (25 years ago, 1-Oct-99, to lugnet.off-topic.geek, lugnet.publish)
|
| | | | |
| | | | | | Re: Why are SSIs bad? —Matthew Miller
|
| | | | (...) Check in your httpd.conf for this: # CacheNegotiatedDocs: By default, Apache sends Pragma: no-cache with each # document that was negotiated on the basis of content. This asks proxy # servers not to cache the document. Uncommenting the (...) (25 years ago, 1-Oct-99, to lugnet.publish)
|
| | | | |
| | | | | | Re: Why are SSIs bad? —Jacob Sparre Andersen
|
| | | | Matthew: (...) Hmm? This sounds more like it is related to content negotiation, which among other things is used to deliver documents in a language the reader understands. Does it mean that proxy servers don't know about content negotiation? (...) (...) (25 years ago, 1-Oct-99, to lugnet.publish)
|
| | | | |
| | | | | | Re: Why are SSIs bad? —Matthew Miller
|
| | | | (...) Actually, I think you're right. Sorry -- too early in the morning. Or late at night. Whenever it was when I wrote that. Disregard what I said. :) I just tested, and it looks to me like Apache isn't setting "Pragma: no-cache". So I think what (...) (25 years ago, 1-Oct-99, to lugnet.publish)
|
| | | | |
