aboutsummaryrefslogtreecommitdiff
path: root/lib/Apache
diff options
context:
space:
mode:
authorroot <root@rbsd.ankarstrom.se>2021-04-27 08:21:06 +0000
committerroot <root@rbsd.ankarstrom.se>2021-04-27 08:21:06 +0000
commitc30087fa75fe15ff61e6c334c921497a55372eb7 (patch)
treea16fec41722c8f070ef04ff2c563dd97d498325d /lib/Apache
parente1817d8557e0ba8ae2543b47aef4cdc2b7ad6789 (diff)
downloadApache-Inject-c30087fa75fe15ff61e6c334c921497a55372eb7.tar.gz
Clarify CAVEATS
Diffstat (limited to 'lib/Apache')
-rw-r--r--lib/Apache/Inject.pm24
1 files changed, 20 insertions, 4 deletions
diff --git a/lib/Apache/Inject.pm b/lib/Apache/Inject.pm
index bf50728..1d6f49b 100644
--- a/lib/Apache/Inject.pm
+++ b/lib/Apache/Inject.pm
@@ -182,11 +182,27 @@ intelligently and forwards their combined contents.
=head1 CAVEATS
-Apache::Inject::Filter uses regular expressions to determine the
+Apache::Inject::Filter uses a regular expression to determine the
proper location of the injected header. It supports all valid HTML.
-However, it does not take into account that embedded CSS and
-JavaScript code can contain strings that look like valid opening
-and closing HTML tags.
+However, it does not parse embedded CSS and JavaScript, which means
+that it is I<possible> to construct an example where it will fail:
+
+ <script>
+ /* this looks like the closing tag for script: </script> */
+ /* this looks like an opening tag for a new element: <title> */
+ </script>
+ <body>
+ This is where the header <i>should</i> be inserted.
+ <script>
+ /* this looks like the closing tag for the title: </title>
+ This is where the header is <i>actually</i> inserted.
+ */
+ </script>
+ </body>
+
+This specific type of document, however, is I<incredibly> unlikely.
+In this case, an ad-hoc solution is simpler, more efficient and
+more maintainable than a general one.
On FreeBSD, you may need to enable the accf_http kernel module in
order for the tests to work. Note that Apache::Inject works fine