Re: Possible release note for systems running PHP through CGI.

To: debian-devel@lists.debian.org
Subject: Re: Possible release note for systems running PHP through CGI.
From: Christoph Anton Mitterer <calestyo@scientia.net>
Date: Mon, 20 Aug 2012 20:47:00 +0200
Message-id: <[🔎] 1345488420.4285.56.camel@fermat.scientia.net>
In-reply-to: <[🔎] 20120820070213.GB4732@grep.be>
References: <[🔎] 20120819021726.GC20875@falafel.plessy.net> <[🔎] 20120820070213.GB4732@grep.be>

On Mon, 2012-08-20 at 09:02 +0200, Wouter Verhelst wrote:
> Maybe that's because it's expected they would be PHP scripts emitting
> JPEG files, not plain JPEG files? This seems like a feature to me, not a
> bug. Why was support for that removed?
I think that's really wrong style then...

Content generated by PHP files should have it's Content-Type header (and
others) set from within PHP.

The bug (which is a security problem) overweights the feature here,
IMHO.

Cheers,
Chris.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to:

References:
- Possible release note for systems running PHP through CGI.
  - From: Charles Plessy <plessy@debian.org>
- Re: Possible release note for systems running PHP through CGI.
  - From: Wouter Verhelst <wouter@debian.org>

Prev by Date: Re: can we (fully) fix/integrate NetworkManager (preferred) or release-goal its decommissioning
Next by Date: Re: Minified javascript files
Previous by thread: Re: Possible release note for systems running PHP through CGI.
Next by thread: Re: Possible release note for systems running PHP through CGI.
Index(es):
- Date
- Thread