When a user gets an error message from the accelerator (I'm thinking
here particularly of "access denied"), can we please present the
"public" URL, not the "behind the scenes" version, which in our case
lookes like "http://wwwserver2.cranfield.ac.uk/blah/foo".
This leaks bad info to the use (wwwserver2 is not guaranteed to
work here, www is) and if I'm doing IP based access control, I'm
effectively telling users a possible way to get around the accelerator;
while I'm intending to have the same degree of access control
everywhere, I'd rather not have people trying to fiddle in the first
place.
Ideally, I'd like to be able to present a specific error message for
each "http_access deny" line (e.g. if access control failed for *this*
reason, return *that* message), and include various strings in the
message (e.g. the requested URL (cf the "real" one) or the IP address
if a reverse lookup failed).
Peter Lister Email: p.lister@cranfield.ac.uk
Computer Centre, Cranfield University Voice: +44 1234 754200 ext 2828
Cranfield, Bedfordshire MK43 0AL UK Fax: +44 1234 751814
------------------------------------------------------------------------
(1) "Yes" (2) "No" (3) "That would be an ecumenical matter"
------------------------------------------------------------------------
Received on Thu Dec 12 1996 - 05:33:14 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:53 MST