Monster Media 1996 #15

home *** CD-ROM | disk | FTP | other *** search

/ Monster Media 1996 #15 / Monster Media Number 15 (Monster Media)(July 1996).ISO / os2 / srefv112.zip / INITFILT.DOC < prev next >

Wrap

Text File | 1996-05-25 | 28KB | 758 lines

SRE-FILTER support file. 5/96. This file contains a detailed description of the variables contained in INITFILT.80. Note that in almost all cases the variables are set to equal strings, so remember to put quotes (') aound the stuff on the rhs of the = sign. The following parameters are in alphabetical order (by name of parameter). At the end of this file is a list of file and directory names. Performance hints: a)To speed up percieved performance, with some loss of flexibility we recommend ALL the following settings: auto_header='HEAD' delim_1.2=0 retain_bad_keyphrases='NO' fix_expire=0 (given these setting, SEND is used to immediately send early portions of the document to the client. This tends to speed up overall processing time, but the client sees something sooner) b) If you are willing to NOT have server side includes, then set NO_INCLUDE='YES' (in which case the hint a is irrelevant) c) Turn on GoServe's cache (this will have little effect if your documents have server side includes, or if you have any access controls) d) If you do have access controls, but have some documents that are available to everyone, and these documents do not have server side includes, set up PUBLIC_FILE entries for them (since public_files are cached if possible) ---------------------------- ************ EXPERIMENTAL ::: You'll need to tune GoServe For this to Work Properly! ACCEPT_RANGE: Return only specified range of the request file You can instruct SRE-FILTER to respond to a range: request header. If such a request header is present, SRE-FILTER will extract the "byte range" information, and return only this portion of the request file. For example, Acrobat can use this to request a given page in a long .pdf file. If accept_range=NO, this processing will not occur -- the entire file will always be returned. If accept_range=YES, this processing will occur. Of course, if there is no range: header, then the entire file is returned. Accept range is used when a non-html file is requested, or an html file without server side includes. The output of server side programs, and HTML files with server side includes, are not against byte range -- the entire output is always returned. Example: accept_range='YES' For more information "byte range retrieval", see the document: draft-ieft-http-range-retrieval-00.txt at ds.internic.net. Notes on GoServe and Multi-part sends: GoServe is a bit flaky with multi-part sends. The following seems to work for us (as of 5/96): 1) Get the "2.48" version of goserve -- it's at http://www2.hursley.ibm.com/goserve/gostest.exe (rename it to GOSERVE.EXE and put it in your GOSERVE directory) 2) Set the "limits connection maintain" to 0. GOSERVE.DOC suggests a non-zero value for connection maintain, but it such values seem to cause more trouble then help. ************ ALLOW_ACCESS : Control access to files and server side processing routines. You can check "transfer privileges" for ALL files on a file by file basis by setting the ALLOW_ACCESS variable. YES, no access control INHOUSE: don't check in-house and superusers. NO : don't check superusers. Note that checking involves examination of privilege information on a file by file basis (uses the ACCESS_FILE file, with the default name of \goserv\data\all_file.ctl.) Note2: If you want to control server side processing or server side include privileges on a per url basis, you'll need to set ALLOW_ACCESS to NO or INHOUSE (see description of SSI_ALLOW and SSP_ALLOW below) Example: allow_access='YES' ******** AUTO_HEADER AUTO_HEADER is set whenever you want to automatically generate response headers, based on LINK and META HTTP-EQUIV elements in the <HEAD> of and HTML document. 3 values are supported: NO) Do not generate these headers HEAD) Generate headers for HEAD requests only ALWAYS) Generate headers for HEAD and GET requests. Note that this is only relevant for HTML files. Also note that for "expedited sending", this should NOT equal ALWAYS. Example: AUTO_HEADER="HEAD" ********* AUTO_NAME : Resolving requests for directories. How to deal with non-specific request that are NOT to the root (the /) directory. Set up a space delimited list of potential "directory specific default names". Several special names are supported: *.HTM or *.HTML : means "use the "directory" name, with .HTM or .HTML appended !CREATE : Create a list of links, one for each file in the directory. !CREATE* : Same as !CREATE, but include links to subdirectories Example: AUTO_NAME=" * INDEX.HTM PAGE.HTM DESCRIBE.HTM !CREATE " If a request for xxx/yyy/ (with optional ?abc after the final /) is recieved, then first, yyy.htm is looked for (in datadir/xxx/yyy) second, INDEX.HTM (in datadir/xxx/yyy). Then PAGE.HTM, and then, DESCRIBE.HTM are tried. If all these fail, !CREATE signals "just display a the files in this directory" Note that if !CREATE were not included in this list, and none of the requested files exist, a not_found message is returned. Notes: AUTO_NAME is NOT used when request is to the root (to /) -- DEFAULT is used! You can put a "pathed" name (using /, relative to the data directory) This is one means of handling bad requests (but only if the request ends in a /) -- just put the home page document in the auto_name list: i.e.; auto_name=" * INDEX.HTM /HOMEPAGE.HTM " We strongly recommend putting !CREATE at the end of the list (since !CREATE is "always a match") Example: AUTO_NAME=" * INDEX.HTM " *************** CHECK_ALIAS: Controls whether alias checking occurs. SREFILTR can check all request to see if they are aliases for some other action. Uses of aliases include: implementation of searchable indices assign proper document names to abbreviations (say, to convert an request of OVERVIEW into OVERVIEW.HTM) for document redirection for transferring non-data directory files Setting CHECK_ALIAS to NO suppresses this alias lookup YES causes this lookup to be done for all requests HTM causes this lookup to be done for requests that end in .HTM or .HTML (eg; DOSEARCH.HTMxxx) Example: CHECK_alias="YES" ************ CHECKLOG: When and how to check logons. There are four values: 1) NO -- never check (free access) 2) YES -- check when default document (either explicitily, or if a / is requested). Thus, a request for a specific document will not cause a logon request. 3) ALWAYS -- check on every request. 4) INHOUSE -- Only let IN-HOUSE users in. IN-HOUSE users are determined by the USERCLASS field in the USERS_FILE file, and by the INHOUSEIPS.n variables Note: if ALWAYS or INHOUSE is selected, then GOSERVE will NOT cache GET requests. Example: checklog='NO' ********** DEFAULT -- the "default" (home) page. Use this if default request (say, http://www.joe.com/ ) occurs. Note: it is traditional, but by no means required, to use INDEX.HTM as your default Example: default='eira.htm' ************* DELIMITERS for KEYPHRASES SREFILTR does "server side" includes by looking for keyphrases in your HTML documents. A keyphrase is defined as: delim1 keyword keyvalue delim2. Delim1 and Delim2 are strings (possibly 1 character) that signal the location of the keyphrase. These delimiters should be odd, yet easy to remember (and not likely to occur in your text). You can enter several sets of delimiters. One useful set is the HTML comment delimiters '' . If you use these, the raw document will not look too wierd should it be accidentally sent to the client). For each set of delimiters, You MUST specify both the beginning (DELIM_1) and end (DELIM_2) delimiter. Note that for "expedited sending" delim_1.2 should be set to 0. Examples: delim_1.1="" delim_1.2="{" delim_2.2="}" ******* DISALLOWEDIPS : Stem variable of "disallowed" IP addresses. You can specify a set of ips that are NOT allowed in (a keep out pests option). The rules are the same (* allowed, consecutive numbering, as with inhouseips) Note: This is ALWAYS checked (even if checklog=NO) -- and if a match is found, no logon is requested (They CAN't get in) Example: unallowedips.1 = "149.126.12.*" unallowedips.2="136.12.5.212" Example2: unallowedips.1="*.*.*.*" Only OWNERS and INHOUSEIPS.n folk can get in ! Example3 : unallowedips.1 = 0 means that no one is automatically excluded. Note that DISALLOWEDIPS. is checked after INHOUSEIPS. and OWNERS ************************* DNS_CHECK: Force DNS check before access As a security measure, you might want to look up the IP name of the client (using the client's IP address and his DNS). If no name can be found, logon is not allowed. NO: do not force access YES: Force lookup of IP name before allowing access Althoug this will provide some security agains "fake" IP addresses, it will also slow down response time. ********* FIX_EXPIRE: For fixing the GoServe automatic response header. If FIX_EXPIRE > 0 , then instead of returning the default GoServe response headers, SRE-FILTER will generate it's own. In particular, it will add FIX_EXPIRE "fractions of a day" to the current date/time, and use it as the File-Expires date. If FIX_EXPIRE=0, then the default GoServe response headers will be used -- plus any headers that may have been specified using the META and LINK elements in the HEAD (see AUTO_HEADER). This can be useful when relatively static (that do not depend on the current "hour") server side includes are performed. In such cases, GoServe automatically sets the expiration time to be the current moment. This can be a hassle for some clients (Netscape will reload such "expired" documents if "backed up" to). Note that a value of FIX_EXPIRE=0.1 = .1 * 24 hours = 2.4 hours. Also note that for "expedited sending", this should be set to 0. Example: FIX_EXPIRE=0 ********** HEADERS and FOOTERS: Automatically added to all HTML documents. You can specify a block of HTML code to include at the beginning and the end of the body of the document. This is done by specifying HEADERS.n (n=1...) and FOOTERS.n To suppress this, set HEADERS.1=0 and/or FOOTERS.1=0 Note: HEADERS.n lines are written (consecutively) just after the first <BODY> phrase in your document. FOOTERS.n lines are written just before the last </BODY> phrase in your document. Example: HEADERS.1=' Our docuuments ' FOOTERS.1=' goodbye ' or, to suppress headers and footers HEADERS.1=0 FOOTERS.1=0 *************** HOME_NAME : The name of your organization The colloquial (not necessarily ip name of this domain,) This can be included in a document by using the REPLACE HOME_NAME keyphrase. Note it's use in not_found_url. home_name="DIVISION/AGENCY/DEPARTMENT/GOV" ******* INHOUSEIPS. : Stem variable containing IP address of "in-house" clients. You can specify any number of "in-house IP domains". Just specify the 4 elements -- you can use * for "all" (say * in 111.222.33.*) If Logon controls are desired, then clients with these IPs are automatically given access. The only constraint is that you number consecutively, starting from 1 -- that is, don't skip around! In addition, you can specify extra privileges on each inhouseips. entry. Example: inhouseips.1="151.121.64.*" inhouseips.2="151.121.65.* VIEWMESS CONTROL " (All clients from 151.121.65.xxx are given VIEWMESS and CONTROL privileges, in addition to the privileges contained in the INHOUSE_PRIVS variable) If there are NO in-house IP domains, set inhouseips.1=0 **************** INHOUSE_NAME:. Name of In-house user class. This is used for a few internally generated messages. Example: inhouse_name="OUR-DOMAIN" ******* INHOUSE. and SUPERUSERS. The following are special variables used with the INHOUSE.n and SUPERUSER.n replacement strings (see decripition of the REPLACE keyphrase). They will be displayed only for "inhouse" and "superusers", respectively. Note that INHOUSE.n variables correspond to INHOUSE.n replacement strings, and SUPERUSER.n variables correspond to SUPERUSER.n replacement strings. Examples: inhouse.1=" (Staff Version) " inhouse.2=' .. more staff stuff ' superuser.1="(Super User)" ************** INHOUSE_PRIVS. Privileges for IN-HOUSE clients. A space delimited list of privileges to be granted to OWNERS and IN-HOUSE clients. It is HIGHLY recommended that INHOUSE_PRIVS always contain INHOUSE as one of the privileges! Note that one might wish to add VIEWMESS as an INHOUSE privilege (VIEWMESS gives access to the message-boxes) Example: inhouse_privs=" INHOUSE VIEWMESS " ********** ISMAP_URL : "Mappable image" signifier string. ISMAP_URL is the special "mappable image" identifier-string. When this identifier-string appears in a request-string, SRE-FILTER assumes that the request "is a response from a mappable image" For example, if ismap_url=/MAPIMAGE, then urls of the form: /MAPIMAGE/GIFSDIR/USMAP.MAP?123,312 will be interpreted as "pixel 123,312, in combination with the instructions contained in /GISDIR/USMAP.MAP will select a URL to redirect the client to" (where USMAP.MAP is an NCSA style MAP file) Note that MAPIMAGE/ is NOT considered to be part of the directory name-- it is treated as a flag! ismap_url="MAPIMAGE/" -- note that the leading / is optional. ***************** MAX_POINTDIST : Used with the POINT type in mappable images. Max_pointdist is used with mappable images. The "point" area, is one of the 4 types of areas (circle, rectangles, polygons, points) used in selecting a URL from a mappable image. If a selected pixel does not lie in one of the first 3, or does not lie directly on top of a point; SRE-FILTER determines to which (of the many possible different points that may appear in the map file) the selected pixel is closest to. However, if the distance to this closest point is greater then max_pointdist, then the Default URL is used. Thus, this limits the region of space "potentially assigned" to each point. Of course, setting max_pointdist to be very high (say, 100000), will effectively cancel this limit. Example: max_pointdist=50 *********** MACROSPACE_INPUT: Suppress loading parameter files into macrospace. To speed up processing, SRE-FILTER caches the various parameter files (such as the INITFILT_FILE and the ALIAS_FILE) into macrospace. If desired, you can suppress this. You may want to do this if you are running multiple instances of GoServe (using different ports) -- if each instance uses a different set of parameter files, it is safest to forgo the use of a "single set" of macrospace-cached parameter files. ********* MESS_HIT_LINE : Used to write OPTION info instead of counts Mess_hit_line is used to write out "# hits drawn from an OPTION passed to me" -- that is, it used with the REPLACE MESS_HITS keyphrase Example: mess_hit_line=":: still access # " ************* NO_PROCESSING: Suppress server side processing Switch to dictate whether or not to allow server side processing. YES - Do NOT do allow server side processing If YES, then requests for server side processing will cause a 401 Unauthorized message to be returned to the client. NO - Allow server side processing. Example: no_processing="NO" ************ NO_INCLUDE: Suppress server side includes. Switch to dictate whether or not to attempt "dynamic" page creation (i.e. processing HEADERS, FOOTERS, and the SELECT, INCLUDE, REPLACE, OPTION, and MESSAGE keyphrases) YES - Do NOT do dynamic page processing. Files sent as is (if keyphrases occur, they will be unmodified). If you NEVER include these keyphrases, and you want to speed up processing a bit, set this to "YES" NO - Create dynamic pages (that is, search for and process the INCLUDE, REPLACE, and MESSAGE keyphrases). Example: no_include="NO" ********** NOEXT_TYPE: Determine how to handle "no extension" request strings. NOEXT_TYPE is used to instruct SRE-FILTER what to do with requests that have no extension, do not end in a /, and do not have ? in them. There are several allowed values of NOEXT_TYPE: DIR : Interpret as a directory; a / is appended to the end, and AUTO_NAME is then used. HTM or HTML : Interpret as an HTML file (a .HTM or .HTML is appended to the end, respectively) NONE: Use as is other_string: Append other_string. For example, if NOEXT_TYPE=.GIF, then .GIF will be appended to the end). Example: NOEXT_TYPE="DIR" *************** NOT_FOUND_URL : A message if URL not found. This message is sent along with the "not found url" response. Note that it should be a valid HTML string. Set it to " " if you want no such message sent. Example: not_found_url='<a href="/"> Visit the '||home_name||' page? </a> ' ************************* NO_GETAFILE_CONTROL : Control access to GETAFILE routine. You can limit the availability of the GETAFILE facility (do this if you don't want just anyone being able to list the files in your data directory). This is done by setting NO_GETAFILE_CONTROL to one of 3 values YES : Everyone can use GETAFILE INHOUSE: Only superusers and in-house users can use getafile NO : Only superusers can use getafile. Example: NO_getafile_control="YES" ********** OWNERS: Assigned SUPERUSER privileges Owners are always given SUPERUSER privileges. You can specify any number of owners, just seperate each of them with a space. Note that wildcards are NOT allowed. If there are no owners, set owners=0. Example: owners = " 151.121.65.163 " ************ PRE_FILTER: Call a user written pre-filter. PRE_FILTER is used to control whether a user written "pre-filter" is called before SRE-FILTER is given control. It can take 3 values: NO: Do not call a pre-filter. YES: Call a pre-filter after checking logon privileges (if the client does not have logon rights, the pre-filter will not be called) FIRST: Call a pre-filter as the first action (before checking logon rights) ************ PREFILTER_NAME: Name of procedure to call as a pre filter. This should point to an external procedure. As with other external procedures, it will be stored in a file with the name PREFILTER_NAME.80 (in you working directory). If the PREFILTER_NAME variable is missing, a value of "PREFILTR" will be used. Example: PREFILTER_NAME='PREFILTR' ************ POST_FILTER: Call a user written pre-filter. PRE_FILTER is used to control whether a user written "post-filter" is called before SRE-FILTER is given control. It can take 2 values: NO: Do not call a post-filter. YES: Call a pre-filter after sending response to client. Note that if POST_FILTER is active, the POSTFILT procedure (which should be in POSTFILT.80) is called. ************ POSTFILTER_NAME: Name of procedure to call as a post filter. This should point to an external procedure. As with other external procedures, it will be stored in a file with the name POSTFILTER_NAME.80 (in your working directory, assuming that the server is on port 80. If the POSTFILTER_NAME variable is missing, a value of POSTFILT will be used. Example: POSTFILTER_NAME='POSTFILT' **************** PUBLIC_FILES. A stem variable containing a list of publicly accessible URL's. The basic idea is that before logon or access_controls are checked, SRE-FILTER sees if the request string (including any ? and option list) matches one of the PUBLIC_FILES. If so, no logon, etc. checking is attempted. In a sense, the PUBLIC_FILES are purposely placed outside of the 'protection' of SRE-FILTER's various access controls. You can specify any number of URLs that will be available to all clients. When these URLs are requested, logon requirements and access controls are not checked (aliases ARE allowed, but not auto_name and host_name). Wildcards are allowed. Examples: PUBLIC_FILES.1="INDEX.HTM" PUBLIC_FILES.2="MAPS/* " The second gives access to everything in the MAPS/ directory (which might include imagemaps) Note that all files are assumed to be relative to the data directory or a virtual directory. If you have no PUBLIC_FILES, set PUBLIC_FILES.1=0 To reiterate, the request string is examined for matches to one of the PUBLIC_FILES (exact matches are done first). Suggestion: set up a public_file that is a simple alias for a more complicated URL. For example, the default INITFILT.80 and ALIASES.IN support a "let anyone list our public files" facility using: "PUBLIC","GETAFILE*" and "PUBFILES/*" as PUBLIC_FILEs, and PUBLIC as an ALIAS for getafile?dir=pubfiles&etc. ************** PUBLIC_PRIVS. Additional privileges for all clients. A space delimited list of additional privileges to be granted to all clients (possibly in addition to INHOUSE_PRIVS). Set PUBLIC_PRIVS=" " if no additional privileges are needed. Example: public_privs=" PUBLIC " ******* RECORD_OPTION : Select whether to record all allowed requests. If you want to keep a running total for recieved request strings. RECORD_OPTION can take 3 values NO = Do NOT Keep track of requests YES = Remove argument list, and keep track of all requests. YES_ALL = Do not remove argument list, and keep track of all requests. If RECORD_OPTION is <> NO, results will be written to the RECORD_ALL_FILE. The "argument list" is the ? (and anything that follows it) in a URL. If you use YES_ALL, be prepared for your RECORD_ALL_FILE to grow quite large. Note that RECORD_ALL_FILE can be hand-edited. You may want to add appropriate "wildcarded" entries (such as /TEMP/* to keep track of all temporary files, thereby avoiding the creation of lots of meaningless entries). Example: record_option="YES" ************ RETAIN_BAD_KEYPHRASES When processing server side includes, 'bad' keyphrases may occur. Specifically, a keyphrase that begins with one of the keywords (REPLACE, INCLUDE, INTERPRET, SELECT, OPTIONS or #xxx) may have a bad syntax. SRE-FILTER can either retain these (say, as comments); or discard them. To discard them, set RETAIN_BAD_KEYPHRASES='YES'; if RETAIN_BAD_KEYPHRASES='NO'then they will be discared. Note: To use "expedited sending", this should be sent to NO. Example: RETAIN_BAD_KEYPHRASES=NO ************ SMTP_GATEWAY: Domain name of an SMTP server The SMTP_GATEWAY is used by the MAILIT procedure (it uses it to mail E-mail alerts). This should be the domain name of a SMTP mail server. You can use your own Server as the SMTP gateway by running SENDMAIL. Example: SMTP_GATEWAY=MAILBOX.BIG.EDU ********** SSI_ALLOW and SSP_ALLOW If you set ALLOW_ACCESS to INHOUSE or to NO, then SSI (server side includes) and SSP (server side processing) can be controlled on a per URL basis (with wildcarding allowed). When SSI_ALLOW<>"YES", then the ACCESS_FILE is checked for an "allow server side includes" privilege. When SSP_ALLOW<>"YES", then the the ACCESS_FILE is checked for an "allow server side processing" privilege. If SSI privileges are not present, then server side includes will not occur (the document will be sent back with the keyphrases included). If SSP privileges are not present, a server side proccesing request will cause a 401 Unauthorized response to be sent back to the client. ******** UPLOAD_MAXDIST: The maximum size (in Kbytes) allowed in a uploaded file. uploaded files are placed on the server when a GET_URL?URL=http://www.their.org/afile.1 request string is recieved. Set this small (say, 20) if you don't want large files dumped onto your machine. Set it to 0 to disable all file uploads! Example: upload_MAXDIST=50 ******** UPLOAD_MINFREE: The minimum amount of free space (in Kbytes) that must exist in the upload_DIRECTORY's hard drive after uploading a file with GET_URL. Set this large (say 100000) if you want to be certain that your hard drive doesn't get filled up). Example: upload_MINFREE=25000 Note: if either upload_MINFREE or upload_MAXSIZE are violated, file upload will not occur. ********* WEBMASTER: A static variable Webmaster is used for error message et al note: you might also want to put a CONTACT line in the repstrgs_file file. Example: webmaster='<a href="mailto:bb1@farm.ag.gov"> Webmaster </a> ' ******** List of files and directory identifier variables. Change these if you want to use a non-defaults for: SERVDIR) Directory containing GOSERV, SREFILTR, GETPOST, etc. MESSBOX_DIR) Directory containing message boxes, CGI_BIN_DIR) Location of CGI-BIN programs. WORKDIR) Directory to use for creation of "working" files (by external procedures) . upload_DIR) Default location for files uploaded from other servers using the GET_URL facility HOMEDIR) The "home directory" -- it is used whenever a ~ is encountered in a SEL. Note that this is direct textual substitution, no syntax checking occurs. So, be sure your use of ~ in URL's matches the definition set here. A typical value of this would be "HOMEDIR/" COUNTER.CNT) " REPLACE HITS" counter file RECORD_ALL_FILE) "record all requests" counter file SENDFILE_FILE) File used by SENDFILE procedure to keep track of requests. ACCESS_FILE) File used to control access when ALLOW_ACCESS is binding UPLOAD_LOG) Record of "uploaded files" ALIAS_FILE) File containing the aliases. VIRTUAL_FILE) File containing "virtual directory" URL aliases. REPSTGS_FILE) REPLACEment string file USERS_FILE) Username/password file INTERPRET_FILE) File containing blocks of REXX code for use by the INTERPRET: keyphrase. Examples: messbox_dir="e:\GOSERV\DATA" workdir="e:\gohttp\temp" home_dir="HOMEDIR/" upload_dir="E:\goserv\upload" cgi_bin_dir="E:\GOSERV\CGI_BIN" counter_file="e:\GOSERV\DATA\COUNTER.CNT" record_all_file="e:\goserv\data\recrdall.cnt" sendfile_file="e:\GOSERV\DATA\SENDFILE.CTL" access_file="e:\GOSERV\DATA\ALL_FILE.CTL" virtual_file="E:\GOSERV\VIRTUAL.IN" alias_file="e:\GOSERV\ALIASES.IN" repstrgs_file="e:\GOSERV\REPSTRGS.IN" user_file="e:\GOSERV\USERS.IN" interpret_file="e:\GOSERV\INTERPET.IN"