Hello all,
In 1.9.x you accessed HTTP request headers via the HTTP_*
variables. For
example 'HTTP_User_Agent' and 'HTTP_USER-Agent' variables
are both
the 'User-Agent:' HTTP header value. In 2.x support for
changing the '_' to
a '-' was dropped and thus only partial support for this was
implemented. In
2.x 'HTTP_User-Agent' will work, but 'HTTP_User_Agent' will
not assume
the '_' to '-' translation and will look (perhaps
unexpectantly)
for 'User_Agent:' HTTP header. In 2.x it is much easier,
cleaner and
expected to use 'REQUEST_HEADERS:User-Agent'.
To avoid confusion and to simplify the code, I would like to
drop support for
HTTP_* emulation entirely in the up-coming 2.2.x release.
However, before I
do this, I'd like to hear from any users/sites that are
heavily relying on
this emulation.
thanks,
-B
--
Brian Rectanus
Breach Security
------------------------------------------------------------
-------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the
chance to share your
opinions on IT & business topics through brief
surveys-and earn cash
http://www.techsay.com/default.
php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
mod-security-users mailing list
mod-security-users lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-
security-users
|
