From: Stefan Fritsch <sf@apache.org>
Date: Sun, 5 Jan 2014 16:11:29 +0000 (+0000)
Subject: xforms
X-Git-Tag: 2.4.8~290
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1265b8fe92c066ec5e26bdfcddbbca421075e7bd;p=apache

xforms

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555542 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/mod_auth_digest.html.en b/docs/manual/mod/mod_auth_digest.html.en
index ca6d4df3ba..69e2b5c370 100644
--- a/docs/manual/mod/mod_auth_digest.html.en
+++ b/docs/manual/mod/mod_auth_digest.html.en
@@ -37,7 +37,14 @@
 
     <p>This module implements HTTP Digest Authentication
     (<a href="http://www.faqs.org/rfcs/rfc2617.html">RFC2617</a>), and
-    provides a more secure alternative to <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>.</p>
+    provides an alternative to <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> where the
+    password is not transmitted as cleartext. However, this does
+    <strong>not</strong> lead to a significant security advantage over
+    basic authentication. On the other hand, the password storage on the
+    server is much less secure with digest authentication than with
+    basic authentication. Therefore, using basic auth and encrypting the
+    whole connection using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is a much better
+    alternative.</p>
 </div>
 <div id="quickview"><h3 class="directives">Directives</h3>
 <ul id="toc">
@@ -88,9 +95,16 @@
 </div>
 
     <div class="note"><h3>Note</h3>
-    <p>Digest authentication is more secure than Basic authentication,
-    but only works with supporting browsers. As of this writing (December
-    2012) all major browsers support digest authentication.</p>
+    <p>Digest authentication was intended to be more secure than basic
+    authentication, but no longer fulfills that design goal. A
+    man-in-the-middle attacker can trivially force the browser to downgrade
+    to basic authentication. And even a passive eavesdropper can brute-force
+    the password using today's graphics hardware, because the hashing
+    algorithm used by digest authentication is too fast. Another problem is
+    that the storage of the passwords on the server is insecure. The contents
+    of a stolen htdigest file can be used directly for digest authentication.
+    Therefore using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> to encrypt the whole connection is
+    strongly recommended.</p>
     <p><code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> only works properly on platforms
       where APR supports shared memory.</p>
     </div>
diff --git a/docs/manual/mod/mod_auth_digest.html.fr b/docs/manual/mod/mod_auth_digest.html.fr
index 4d47f8466b..c1d6f96799 100644
--- a/docs/manual/mod/mod_auth_digest.html.fr
+++ b/docs/manual/mod/mod_auth_digest.html.fr
@@ -28,6 +28,8 @@
 <a href="../fr/mod/mod_auth_digest.html" title="Français">&nbsp;fr&nbsp;</a> |
 <a href="../ko/mod/mod_auth_digest.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
 </div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+            anglaise pour les changements récents.</div>
 <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Authentification utilisateur utilisant les condensés
 MD5</td></tr>
 <tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
diff --git a/docs/manual/mod/mod_auth_digest.xml.fr b/docs/manual/mod/mod_auth_digest.xml.fr
index 31d46fab75..12b5d2d961 100644
--- a/docs/manual/mod/mod_auth_digest.xml.fr
+++ b/docs/manual/mod/mod_auth_digest.xml.fr
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision : 1415961 -->
+<!-- English Revision: 1415961:1555538 (outdated) -->
 <!-- French translation : Lucien GENTIS -->
 <!-- Reviewed by : Vincent Deffontaines -->
 
diff --git a/docs/manual/mod/mod_auth_digest.xml.ko b/docs/manual/mod/mod_auth_digest.xml.ko
index edcf4f8359..05f4f95e1a 100644
--- a/docs/manual/mod/mod_auth_digest.xml.ko
+++ b/docs/manual/mod/mod_auth_digest.xml.ko
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="EUC-KR" ?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 105989:1415961 (outdated) -->
+<!-- English Revision: 105989:1555538 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/docs/manual/mod/mod_auth_digest.xml.meta b/docs/manual/mod/mod_auth_digest.xml.meta
index 7583c0e005..5e68b12cb2 100644
--- a/docs/manual/mod/mod_auth_digest.xml.meta
+++ b/docs/manual/mod/mod_auth_digest.xml.meta
@@ -8,7 +8,7 @@
 
   <variants>
     <variant>en</variant>
-    <variant>fr</variant>
+    <variant outdated="yes">fr</variant>
     <variant outdated="yes">ko</variant>
   </variants>
 </metafile>
diff --git a/docs/manual/mod/mod_authnz_ldap.html.fr b/docs/manual/mod/mod_authnz_ldap.html.fr
index 9e837e8b55..40ab1f2bf0 100644
--- a/docs/manual/mod/mod_authnz_ldap.html.fr
+++ b/docs/manual/mod/mod_authnz_ldap.html.fr
@@ -27,8 +27,6 @@
 <p><span>Langues Disponibles: </span><a href="../en/mod/mod_authnz_ldap.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
 <a href="../fr/mod/mod_authnz_ldap.html" title="Français">&nbsp;fr&nbsp;</a></p>
 </div>
-<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
-            anglaise pour les changements récents.</div>
 <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Permet d'utiliser un annuaire LDAP pour l'authentification
 HTTP de base.</td></tr>
 <tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
diff --git a/docs/manual/mod/mod_authnz_ldap.xml.meta b/docs/manual/mod/mod_authnz_ldap.xml.meta
index 7a6a237d9a..4ec661a32d 100644
--- a/docs/manual/mod/mod_authnz_ldap.xml.meta
+++ b/docs/manual/mod/mod_authnz_ldap.xml.meta
@@ -8,6 +8,6 @@
 
   <variants>
     <variant>en</variant>
-    <variant outdated="yes">fr</variant>
+    <variant>fr</variant>
   </variants>
 </metafile>
diff --git a/docs/manual/mod/mod_rewrite.html.en b/docs/manual/mod/mod_rewrite.html.en
index bdf1dcdfd7..c559b1ed1b 100644
--- a/docs/manual/mod/mod_rewrite.html.en
+++ b/docs/manual/mod/mod_rewrite.html.en
@@ -593,13 +593,18 @@ Alias /myapp /opt/myapp-1.2.3
             whether or not it exists, and is a regular file with size greater
             than zero.</li>
 
-            <li>'<strong>-U</strong>' (is existing URL, via
+            <li><p>'<strong>-U</strong>' (is existing URL, via
             subrequest)<br />
             Checks whether or not <em>TestString</em> is a valid URL,
             accessible via all the server's currently-configured
             access controls for that path. This uses an internal
             subrequest to do the check, so use it with care -
-            it can impact your server's performance!</li>
+            it can impact your server's performance!</p>
+            <p> This flag <em>only</em> returns information about things
+            like access control, authentication, and authorization.  This flag
+            <em>does not</em> return information about the status code the 
+            configured handler (static file, CGI, proxy, etc.) would have 
+            returned.</p> </li>
 
             <li>'<strong>-x</strong>' (has e<strong>x</strong>ecutable
             permissions)<br />
diff --git a/docs/manual/mod/mod_rewrite.html.fr b/docs/manual/mod/mod_rewrite.html.fr
index 0a8f546418..2160537a66 100644
--- a/docs/manual/mod/mod_rewrite.html.fr
+++ b/docs/manual/mod/mod_rewrite.html.fr
@@ -635,14 +635,20 @@ la r
 	    vérifie son existence et si elle est un fichier régulier
 	    d'une taille supérieure à zéro.</li>
 
-            <li>'<strong>-U</strong>' (test de l'existence d'une
-	    <strong>U</strong>RL via une sous-requête)<br />
+            <li><p>'<strong>-U</strong>' (test de l'existence d'une
+	    URL via une sous-requête)<br />
 	    Vérifie si <em>chaîne de test</em> est une URL valide,
 	    accessible à travers tous les contrôles d'accès du serveur
 	    actuellement configurés pour ce chemin. C'est une
 	    sous-requête interne qui effectue cette vérification - à
 	    utiliser avec précautions car les performances du serveur
-	    peuvent s'en trouver affectées !</li>
+	    peuvent s'en trouver affectées !</p>
+	    <p>Ce drapeau ne renvoie <em>que</em> des informations
+	    concernant le contrôle d'accès, l'authentification et
+	    l'autorisation. Il ne renvoie <em>pas</em> d'informations
+	    concernant le code d'état que le gestionnaire configuré
+	    (static file, CGI, proxy, etc...) aurait, quant à lui,
+	    retourné.</p></li>
 
 	  <li>'<strong>-x</strong>' (a l'attribut d'exécution positionné)<br />
             Considère la <em>chaîne de test</em> comme un chemin et
diff --git a/docs/manual/platform/windows.html.fr b/docs/manual/platform/windows.html.fr
index 291e32c0fe..f72b305116 100644
--- a/docs/manual/platform/windows.html.fr
+++ b/docs/manual/platform/windows.html.fr
@@ -26,8 +26,6 @@
 <a href="../fr/platform/windows.html" title="Français">&nbsp;fr&nbsp;</a> |
 <a href="../ko/platform/windows.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
 </div>
-<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
-            anglaise pour les changements récents.</div>
 
 
     <p>Ce document décrit l'installation, la configuration et
@@ -87,6 +85,7 @@
     <ul>
     <li><a href="http://www.apachehaus.com/cgi-bin/download.plx">ApacheHaus</a></li>
     <li><a href="http://www.apachelounge.com/download/">Apache Lounge</a></li>
+    <li><a href="http://bitnami.com/stack/wamp">BitNami WAMP Stack</a></li>
     <li><a href="http://www.wampserver.com/">WampServer</a></li>
     <li><a href="http://www.apachefriends.org/en/xampp.html">XAMPP</a></li>
     </ul>
diff --git a/docs/manual/platform/windows.xml.meta b/docs/manual/platform/windows.xml.meta
index 166e6d7d31..df994e4ed6 100644
--- a/docs/manual/platform/windows.xml.meta
+++ b/docs/manual/platform/windows.xml.meta
@@ -8,7 +8,7 @@
 
   <variants>
     <variant>en</variant>
-    <variant outdated="yes">fr</variant>
+    <variant>fr</variant>
     <variant outdated="yes">ko</variant>
   </variants>
 </metafile>