1- - - - - - - - - - high priority - - - - - - - - - - 2 3IPv6 not working right. 4 5Problem with ACME News downloads. PATH_INFO interferes with the authorization. 6 7Why is the client's IP address showing up in paths? 8 9Fetches with numeric IP addresses and no Host: header are screwing up the 10vhost code? 11143.90.193.229 - - [06/Apr/2000:09:21:34 -0700] "GET /209.133.38.22/software/thttpd/ HTTP/1.0" 200 12093 "http://www.dbphotography.demon.co.uk/index.html" "Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)" 12143.90.193.229 - - [06/Apr/2000:09:21:37 -0700] "GET /143.90.193.229/software/thttpd/anvil_thttpd.gif HTTP/1.0" 403 - "http://www.acme.com/software/thttpd/" "Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)" 13 14Have directory indexing skip files that start with dot? Except ..? 15In libhttpd.c: 16+ if (*(de->d_name) == '.' && *(de->d_name+1) != '.') 17+ continue; 18 namlen = NAMLEN(de); 19 20Add comment on INDEX_NAMES that it should be simple filenames only. 21 22The error page generated for non-local referers should include the 23original URL as an active link. 24 25Make open in mmc.c use O_NONBLOCK flag, to prevent DOS attack via 26a named pipe? 27 28- - - - - - - - - - later - - - - - - - - - - 29 30Document how symlinks interact with .htpasswd - authorization is checked 31on the result of the symlink, and not the origin. 32 33SIGHUP log re-opening doesn't work if you started as root. 34 35Change redirect to put the Refresh command in the HTTP headers, instead of 36a META tag. 37 38Add TCP_NODELAY, but after CGIs get spawned. 39 40Add stat cache? 1 minute expiry? 41 42Ifdef the un-close-on-exec CGI thing for Linux only. 43 44Add keep-alives, via a new state in thttpd.c. 45 46- - - - - - - - - - someday - - - - - - - - - - 47 48The special world-permissions checking is probably bogus. For one 49thing, it doesn't handle restrictive permissions on parent directories 50properly. It should probably just go away. 51 52redirect should interpret a path with a trailing / as /index.html 53 54ssi should change $cwd to the source document's location. 55 56Allow .throttle files in individual directories. 57 58Log-digesting scripts. 59 60Config web page. 61 Common errors: 62 Not realizing that -c overrides CGI_PATTERN instead of augmenting it. 63 Using a directory name for the -c pattern. 64 65- - - - - - - - - - 3.x - - - - - - - - - - 66 67Tasklets re-write. 68 69- - - - - - - - - - general - - - - - - - - - - 70 71Release process: 72 - update version number in version.h README INSTALL and 73 contrib/redhat-rpm/thttpd.spec 74 - do a tdiff and update the local installation 75 - do an rcstreeinfo, and check in all files 76 - make tar 77 - mv it to .. 78 - update version number in ../thttpd.html 79 - update ~acmeweb/updates.html 80 - mail announcement to thttpd-announce 81
