Re: 2.5.STABLE2

From: PsychoTekk .de <psychotekk@dont-contact.us>
Date: Sun, 10 Nov 2002 17:43:13 +0100

what about this little patch to prevent the unencrypted
cachemgr password being shown in the browser address bar
and in server logfiles?
(cachemgr.c handles both request methods)

regards,
 Clemens

--- cachemgr.c 2002-09-01 14:32:00.000000000 +0200
+++ cachemgr.next.c 2002-10-04 12:28:48.000000000 +0200
@@ -242,7 +242,7 @@ auth_html(const char *host, int port, co
     printf("<P>This is a WWW interface to the instrumentation interface\n");
     printf("for the Squid object cache.</P>\n");
     printf("<HR noshade size=\"1px\">\n");
- printf("<FORM METHOD=\"GET\" ACTION=\"%s\">\n", script_name);
+ printf("<FORM METHOD=\"POST\" ACTION=\"%s\">\n", script_name);
     printf("<TABLE BORDER=\"0\" CELLPADDING=\"10\" CELLSPACING=\"1\">\n");
     printf("<TR><TH ALIGN=\"left\">Cache Host:</TH><TD><INPUT NAME=\"host\" ");
     printf("size=\"30\" VALUE=\"%s\"></TD></TR>\n", host);

-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup
Single & ready to mingle? lavalife.com:  Where singles click. Free to Search!
http://www.lavalife.com/mailcom.epl?a=2116
Received on Sun Nov 10 2002 - 09:43:14 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:18:40 MST