Re: [PyCS-devel] Some trackback client send pings using HTTP GET
Status: Alpha
Brought to you by:
myelin
Menu
▾
▴
Re: [PyCS-devel] Some trackback client send pings using HTTP GET
|
From: Phillip P. <pp...@my...> - 2004-02-10 21:03:25
|
> This is so stupid. They check wether there is a query string in the URL > to ping to and if yes, they use GET. This is so stupid. Of course one > can freely mix POST data and query strings. One is part of the URI and > the other is payload of the request. Hard to believe, isn't it. I think the reason they do this is that old MT installs generated TrackBack URLs like http://foo/mt_tb.cgi?__mode=foo&tb_id=foo, and new ones generate URLs like http://foo/mt_tb.cgi/foo. Checking for the '?' tells you what version you're talking to. I guess ideally we should try to get rid of query strings in comment and trackback links. I doubt the Radio guys will go for this, but perhaps we can allow an alternate syntax for comments.py and trackback.py that PyDS and bzero can understand. allow this: http://www.pycs.net/system/comments.py/0105256/234 as a synonym for this: http://www.pycs.net/system/comments.py?u=0105256&p=234 I guess we'd need to have another way of specifying the post URL, but I've been wanting to add a more secure way of doing that for ages anyway - perhaps get mirrorPosts to store it? (Note that the current method lets anybody hijack the 'this post' URL by posting the first comment in a thread with a fake URL). e.g. http://www.pycs.net/system/comments.py?u=0000014&p=82 Cheers, Phil :) |
