Re: [httpush-devel] (no subject)
Status: Beta
Brought to you by:
jfs
Menu
▾
▴
Re: [httpush-devel] (no subject)
|
From: Lluis M. <ll...@gi...> - 2001-07-14 13:23:47
|
Hi Jason, Quoting ja...@li...: > Hey all, > > I've been using httpush with mostly success for about 3 months I > guess (just about since release date). I had to do minor dorking to > get it working ok under netscape (disable ssl v3 support and comment > out some of the cookie code). Just noticed this new I'd like to know if you had to do any modifications to Netscape in order to get the CVS httpush to work for you, I had to change nothing on NEtscape 4.7, export version, but any problem reports will be welcome :) > fixed but -f logging has been removed. Are there plans to readd or > is help needed for this? The "-f" is gone for good and won't come back :) but... The new version uses the "data/" directory for logging. It's no longer a plain text file where you can review the requests made, but a few XML files that are rather uninteligible without the proper parsing. In order to review the requests (and responses, which are now logged), give the internal webserver a try, just point your browser to the ip and port where you are running httpush, e.h. http://127.0.0.1:8080/ and check the Audited Sites link. Sites you have visited using the proxy are displayed and some (very basic) information on them can be obtained by clicking on the server name. The plus sign to the left of the site will lead you to the directory/pages/requests section, where you can see an overview of the site structure and view the raw request and response data. This is much more powerful than it used to be, though till the time where plugins are in place not a lot of functionality apart from reviewing requests is provided. I hope to improve this soon :) Once the plugin specifications are in place and the code is finished, my idea is to offer users the ability to write their own plugins that will interact with HTTPush, so that e.g. when a new directory is found, a plugin could be called in order to make operations on that directory, such as trying to get a directory listing, etc. Also, reporting plugins need to be written, I can imagine one could be written to create a "-f"-like file from the XML data, something not that difficult, and that at least two persons have already requested :) Personally i'm much more interested in a reporting plugin that will output a report on server-wide security, including directory structures + vulnerabilities found in it, which is already taken into account in the DTD (check the httpush.dtd file in the CVS). It's just a matter of time, there is plenty to do, and there will be work for everybody when the plugins are in place :) Cheers, and thanks for your email, Lluis Mora . |
