[cvs] [Wiki] changed: ChucksHorde4Thoughts

Chuck Hagenbuch chuck at horde.org
Tue Jul 8 16:33:24 UTC 2008 

chuck  Tue, 08 Jul 2008 12:33:24 -0400

Modified page: http://wiki.horde.org/ChucksHorde4Thoughts
New Revision:  1.1
Change log:  separate out debug sections

@@ -1,35 +1,15 @@
  [[toc]]

  + Chuck's Horde 4 Thoughts

-++ Unsorted
+++ Debug support

-horde debugging:
-http://www.sitepoint.com/blogs/2008/05/13/useful-in-browser-development-tools-for-php/
+*  
http://www.sitepoint.com/blogs/2008/05/13/useful-in-browser-development-tools-for-php/
+* Debug "wrapper" drivers - encapsulate another driver and delegate  
all calls, but provide before/after hooks for any function along with  
timing, profiling, reporting of calls and arguments, etc.

-chuckhagenbuch: we could use standard ways of gathering debug output...
-
-chuckhagenbuch: we could have a 'debug' driver...
-
-chuckhagenbuch: specify an extra parameter like 'debug_driver' to say  
what real subclass
-to use...
-
-chuckhagenbuch: it would be able to intercept all calls and return  
values. that'd be
-better than nothing...
-
-AlkernF: could it be generic enough to work with
-everything? and how do you intercept calls?
-
-chuckhagenbuch: it would probably have to be written for each driver type
-
-chuckhagenbuch: and by intercept, i mean that you would have it  
instantiate a real
-driver, keep it as a variable, and then every method call, you can  
see the paramters,
-then you pass them to the real driver, look at the return value, then  
pass the return
-value back...
-
-chuckhagenbuch: (by driver type i mean Connection, Prefs, etc... -  
API, i guess)

+++ Unsorted

  // return a 304 if the file hasn't been modified since the  
If-Modified-Since date
      // no point in resending all the data if the browser already has  
it cached
      if (function_exists("apache_request_headers")) {
@@ -770,8 +750,9 @@
     It's not possible to completely protect against sophisticated  
attacks where a hostile
  party controls your network without installing complex software on  
both ends,  and
  solving some intrinsically difficult problems having to do with  
mutual authentication.
  Let's just say that the developers of SSL have solved these  
problems,  and that you
+
  should use SSL for applications with the strongest security needs.

     We can,  however,  make replay attacks a lot harder by adding a  
timestamp...  Now the
  token looks like

More information about the cvs mailing list