diff options
| -rw-r--r-- | docs/manual/mod/mod_authn_dbd.html.en | 12 | ||||
| -rw-r--r-- | docs/manual/mod/mod_authn_dbd.xml | 10 | ||||
| -rw-r--r-- | docs/manual/mod/mod_authz_dbd.html.en | 14 | ||||
| -rw-r--r-- | docs/manual/mod/mod_authz_dbd.xml | 11 |
4 files changed, 35 insertions, 12 deletions
diff --git a/docs/manual/mod/mod_authn_dbd.html.en b/docs/manual/mod/mod_authn_dbd.html.en index c89cb1c342..996b2d1f87 100644 --- a/docs/manual/mod/mod_authn_dbd.html.en +++ b/docs/manual/mod/mod_authn_dbd.html.en @@ -141,11 +141,11 @@ configuration required in some web applications. <div class="section"> <h2><a name="security" id="security">Preventing SQL injections</a></h2> - <p>It depends on what DBD driver and backend you use. With most - drivers you don't have to do anything : the statement is prepared - by the database at startup, and user input is used only as data. - But you may need to untaint your input. At the time of writing, - the only driver that requires you to take care is FreeTDS.</p> + <p>Whether you need to care about SQL security depends on what DBD driver + and backend you use. With most drivers you don't have to do anything : + the statement is prepared by the database at startup, and user input is + used only as data. But you may need to untaint your input. At the time + of writing, the only driver that requires you to take care is FreeTDS.</p> <p>Please read <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> documentation for more information about security on this scope.</p> </div> @@ -238,7 +238,7 @@ var comments_identifier = 'http://httpd.apache.org/docs/trunk/mod/mod_authn_dbd. } })(window, document); //--><!]]></script></div><div id="footer"> -<p class="apache">Copyright 2012 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="apache">Copyright 2013 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!-- if (typeof(prettyPrint) !== 'undefined') { prettyPrint(); diff --git a/docs/manual/mod/mod_authn_dbd.xml b/docs/manual/mod/mod_authn_dbd.xml index 7c27191426..9eda1bf208 100644 --- a/docs/manual/mod/mod_authn_dbd.xml +++ b/docs/manual/mod/mod_authn_dbd.xml @@ -123,11 +123,11 @@ configuration required in some web applications. <section id="security"> <title>Preventing SQL injections</title> - <p>It depends on what DBD driver and backend you use. With most - drivers you don't have to do anything : the statement is prepared - by the database at startup, and user input is used only as data. - But you may need to untaint your input. At the time of writing, - the only driver that requires you to take care is FreeTDS.</p> + <p>Whether you need to care about SQL security depends on what DBD driver + and backend you use. With most drivers you don't have to do anything : + the statement is prepared by the database at startup, and user input is + used only as data. But you may need to untaint your input. At the time + of writing, the only driver that requires you to take care is FreeTDS.</p> <p>Please read <module>mod_dbd</module> documentation for more information about security on this scope.</p> </section> diff --git a/docs/manual/mod/mod_authz_dbd.html.en b/docs/manual/mod/mod_authz_dbd.html.en index 9aeedb4031..8f121782c9 100644 --- a/docs/manual/mod/mod_authz_dbd.html.en +++ b/docs/manual/mod/mod_authz_dbd.html.en @@ -58,6 +58,7 @@ <li><img alt="" src="../images/down.gif" /> <a href="#login">Database Login</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#client">Client Login</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#example">Configuration example</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#security">Preventing SQL injections</a></li> </ul><h3>See also</h3> <ul class="seealso"> <li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li> @@ -151,6 +152,17 @@ DBDExptime 300 </Directory> </pre> +</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="security" id="security">Preventing SQL injections</a></h2> + + <p>Whether you need to care about SQL security depends on what DBD driver + and backend you use. With most drivers you don't have to do anything : + the statement is prepared by the database at startup, and user input is + used only as data. But you may need to untaint your input. At the time + of writing, the only driver that requires you to take care is FreeTDS.</p> + <p>Please read <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> documentation for more information + about security on this scope.</p> </div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="AuthzDBDLoginToReferer" id="AuthzDBDLoginToReferer">AuthzDBDLoginToReferer</a> <a name="authzdbdlogintoreferer" id="authzdbdlogintoreferer">Directive</a></h2> @@ -263,7 +275,7 @@ var comments_identifier = 'http://httpd.apache.org/docs/trunk/mod/mod_authz_dbd. } })(window, document); //--><!]]></script></div><div id="footer"> -<p class="apache">Copyright 2012 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="apache">Copyright 2013 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!-- if (typeof(prettyPrint) !== 'undefined') { prettyPrint(); diff --git a/docs/manual/mod/mod_authz_dbd.xml b/docs/manual/mod/mod_authz_dbd.xml index 8b57120ea1..fa1a2bae3b 100644 --- a/docs/manual/mod/mod_authz_dbd.xml +++ b/docs/manual/mod/mod_authz_dbd.xml @@ -135,6 +135,17 @@ DBDExptime 300 </highlight> </section> +<section id="security"> +<title>Preventing SQL injections</title> + <p>Whether you need to care about SQL security depends on what DBD driver + and backend you use. With most drivers you don't have to do anything : + the statement is prepared by the database at startup, and user input is + used only as data. But you may need to untaint your input. At the time + of writing, the only driver that requires you to take care is FreeTDS.</p> + <p>Please read <module>mod_dbd</module> documentation for more information + about security on this scope.</p> +</section> + <directivesynopsis> <name>AuthzDBDQuery</name> <description>Specify the SQL Query for the required operation</description> |