[dev] .inc files
Joris Braakman
jorisb@nl.euro.net
Mon, 26 Nov 2001 09:56:25 +0100
On Sat, Nov 24, 2001 at 02:33:02AM -0500, Chuck Hagenbuch wrote:
> Quoting Jon Parise <jon@horde.org>:
>
> > I'll probably take care of this one in the next few weeks by repo
> > copying the files and then deleting their .inc equivalents in the
> > HEAD branches.
>
> Arg. This is going to make my compare_revisions.sh script useless, but I can
> see the logic.
Isn't it the responsibility of the webserver what to serve and not? .inc
file are partial php code, so in theory by parsing it you might get strange
results, even potentially security issues.
Maybe in test.php there can be a security block which checks for security
issues like admin directories public available and .inc files public available.
Just my 2 cents, Joris.