Re: Deprecating URL passwords in cache_object://

From: Mark Nottingham <mnot_at_yahoo-inc.com>
Date: Sat, 4 Oct 2008 10:57:51 +1000

And what about when it's an accelerator? Polluting the site's URL
space isn't so great...

I like the idea of making it vanilla HTTP, but it needs to be
configurable on a different port/interface.

On 03/10/2008, at 5:37 PM, Kinkie wrote:

> On Fri, Oct 3, 2008 at 5:38 AM, Amos Jeffries <squid3_at_treenet.co.nz>
> wrote:
>> Mark Nottingham wrote:
>>>
>>> I'm thinking about adding some functionality to cache manager that
>>> requires passing it arguments, but the current format is getting
>>> in the way;
>>>
>>> t = sscanf(url, "cache_object://%[^/]/%[^@]@%s", host, request,
>>> password);
>>>
>>> AFAICT the @password suffix on the URL is deprecated; cachemgr.cgi
>>> and
>>> squidclient both now use Basic auth.
>>>
>>> What do folks think about removing support for @password in URLs?
>>>
>>
>> I think we should be making it a standardized URI format same as
>> HTTP, but
>> with a different protocol portion to identify.
>>
>> That way the proper URI parse can be used and the special case tests
>> dropped.
>
> I'd go a different route, deprecating cache_object entirely (my past
> cachemgr work has this as a possible outcome too).
> [http://<cfg.visible_hostname>]/squid-internal-cachemgr/<menu>
> is imo a good candidate as an "application root".
>
>
> --
> /kinkie

--
Mark Nottingham       mnot_at_yahoo-inc.com
Received on Sat Oct 04 2008 - 01:35:24 MDT

This archive was generated by hypermail 2.2.0 : Sat Oct 04 2008 - 12:00:02 MDT