aboutsummaryrefslogtreecommitdiff
path: root/README
diff options
context:
space:
mode:
Diffstat (limited to 'README')
-rw-r--r--README23
1 files changed, 20 insertions, 3 deletions
diff --git a/README b/README
index 4a663c0..ebbea98 100644
--- a/README
+++ b/README
@@ -116,10 +116,27 @@ OPERATION
and forwards their combined contents.
CAVEATS
- Apache::Inject::Filter uses regular expressions to determine the proper
+ Apache::Inject::Filter uses a regular expression to determine the proper
location of the injected header. It supports all valid HTML. However, it
- does not take into account that embedded CSS and JavaScript code can
- contain strings that look like valid opening and closing HTML tags.
+ does not parse embedded CSS and JavaScript, which means that it is
+ *possible* to construct an example where it will fail:
+
+ <script>
+ /* this looks like the closing tag for script: </script> */
+ /* this looks like an opening tag for a new element: <title> */
+ </script>
+ <body>
+ This is where the header <i>should</i> be inserted.
+ <script>
+ /* this looks like the closing tag for the title: </title>
+ This is where the header is <i>actually</i> inserted.
+ */
+ </script>
+ </body>
+
+ This specific type of document, however, is *incredibly* unlikely. In
+ this case, an ad-hoc solution is simpler, more efficient and more
+ maintainable than a general one.
On FreeBSD, you may need to enable the accf_http kernel module in order
for the tests to work. Note that Apache::Inject works fine without the