[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security fix that started all this

On Friday 08 September 2006 16:07, Tony Fraser wrote:
> On Fri, 2006-09-08 at 15:43 -0400, Christopher Murtagh wrote:
> >  The plan is to move all the files in users/ into a central database,
> > and the same for user modified templates and css. The advantages this
> > has are:

Templates in the db are tricky, because now we have to provide a way to load 
the templates into the DB.  The time to test/edit/debug a template also 
increases, because of that extra step.

CSS in the database is bad because you lose the ability to let Apache handle 
it.  If you serve it with a .cgi, that's a fork(), exec, load, compile, read 
data, send data.  And you have to make sure you get the nuances like 
Content-type, content-length, and what not right.    Even if you serve it w/ 
mod_perl, it's still much slower than letting apache handle it directly.