Archive for the ‘web’ Category

Need help with Apache, MultiViews, PHP, and the Content-Type header

Sunday, April 16th, 2006

I’m finally getting into PHP, and have it set up on my computer, but I’m having a problem with Content-Type. Without PHP, if I do, say,

AddType application/xhtml+xml pxhtml
AddType text/html phtml

I’ll get .phtml files served as html and .pxhtml files served as xml. But when I tell it to route them through PHP (with AddHandler php5-script phtml pxhtml), PHP undoes that and rewrites it with its own, always as text/html.

I found the default_mimetype setting in php.ini, but it’s not helping. If I set it to something, all files are served that way, so I can’t distinguish between html and xhtml. If I don’t set it at all, it falls back to the default of text/html. And if I set it to the empty string, it still sets everything to text/html, probably meaning it’s just falling back on the default.

So how can I make it respect MultiViews’ setting?

Trust paths through OpenID

Thursday, April 13th, 2006

Okay. So you know how OpenID is an actually viable identification system? And you know how PGP/GnuPG have a concept of signing other people’s keys to establish trust paths?

Well, I was just thinking about blog comments, and a) how now that I have them re-enabled, I’m getting spam, and b) I’d like to enable OpenID, and I got an idea (which, if you read the first paragraph, you’ve probably already figured out). Why not extend OpenID to also allow trust paths? Basically, if I trust Anne to be a real person and not a spammer, and he trusts Ian, I can be pretty sure that Ian’s not a spammer. And if Ian’s server is compromised and a spammer starts sending stuff as him, or if he’s paid off by the Evil Spam Operators to “trust” them, then I can either blacklist Anne, blacklist Ian, nofollow Anne (so I trust him but don’t trust his contacts), or even just wait for Anne to take care of it.

Obviously it could be fleshed out a bit more (max depth for trust paths?) and in implementations too (temporary blacklist: blacklist Anne for 24 hours and renew automatically if I got any comments through his trust path that looked like spam, else re-trust), but it looks like a start.


Making Apache work

Thursday, April 13th, 2006

Note to future self:the reason your Apache configuration isn’t working is that Gentoo has stupid defaults and puts up extra walls in the name of “security”. You need to edit /etc/apache2/vhosts.d/00_default_vhost.conf and switch the AllowOverride None to All.

Blog upgraded, comments now work

Wednesday, April 12th, 2006

I needed to fix comments here, so I had a few choices. a) Figure out what was wrong, or b) just upgrade and let that fix it.

I upgraded. That fixed it.

As a downside, I no longer have the comment validation plugin. Someone should write a plugin that parses all input as HTML 5 and re-serializes it as valid whatever-language-you’re-using.

Edit: And let the blogspam begin! I’m holding all comments for moderation now. I think you can get around that by registering an account here or something (?) but I basically don’t care yet. Maybe I’ll look into it once I actually understand enough PHP to make changes.

<a href="