[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#309148: RFP: wnhttpd -- Small and secure web server - everything is denied by default

Package: wnpp
Severity: wishlist

* Package name    : wnhttpd
  Version         : 2.4.6
  Upstream Author : <johnf@wnserver.org>
* URL             : http://www.wnserver.org/
* License         : GPL
  Description     : Small and secure web server - everything is denied by default

(Include the long description here.)

Comment from OpenBSD mailing list:

    I'd suggest WN, that has always been one of the most paranoid web
    server so far (everything is denied by default, it will only serve
    files that are explicitely authorized, a la firewall) . The code
    is clean and clearely design to be secure. Plus it has a bunch of
    very useful feature that can even make it a standalone alternative
    to bloated scripting languages like PHP.

WN is a server for the Hypertext Transfer Protocol HTTP/1.1. Its
primary design goals are security, robustness, and flexibility, in
that order. One of its objectives is to provide functionality usually
available only with complex CGI programs without the necessity of
writing or using these programs. (Of course CGI/1.1 is fully supported
for those who want it). Despite this extensive functionality the WN
executable is substantially smaller than the CERN httpd, NCSA httpd or
Apache servers.

WN was planned with a focus on serving HTML documents. This means such
things as enabling full text searching of a single logical HTML
document which may consist of many files on the server, or allowing
users to search all titles on the server and obtain a menu of matching
items, or allowing users to download a total logical document for
printing which, in fact, consists of many linked files on the
server. All of these are done in a way which is transparent to the
user (and largely transparent to the maintainer)! The "User's Guide
for the WN Server", which this chapter is part of, provides a good
example of many of these features.

Another feature not found in many other servers is conditionally
served text. Often a server maintainer may wish to serve different
versions of a document to different clients. By adding simple HTML
comments to documents and marking those documents to be "parsed" by
the server, the maintainer can arrange that different sections or
entirely different documents are sent to clients, based on such things
as the client's domain name, IP address, browser type, browser
"Accept" header, "Cookie header", etc. This feature is described in
more detail in the section "Conditional Text: If, Else, and Endif" in
this guide.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)

Reply to: