Warn about potential of program to unplannedly reveal the content

of various CGI files. PR: ports/25272 Submitted by: Ariff Abdullah <skywizard@time.net.my> Approved by: clement (mentor)
svn path=/head/; revision=133522
2005-04-17 14:53:20 +00:00 · 2005-04-17 14:53:20 +00:00 · 63808043a0 · 2021-03-31 03:12:20 +00:00
commit 63808043a0
parent 6073b6fd91
1 changed files with 9 additions and 0 deletions
--- a/lang/eperl/pkg-message
+++ b/lang/eperl/pkg-message
@ -10,3 +10,12 @@ This program is distributed in the hope that it will be useful, but WITHOUT
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 FITNESS FOR A PARTICULAR PURPOSE.  See either the Artistic License or the
 GNU General Public License for more details.
+
+*** WARNING ***
+
+Using eperl in CGI or NHP-CGI mode with a webserver will expose any files
+having extension .html, .phtml, .ephtml, .epl, .pl, or .cgi under the
+document root.
+
+Any files matching those extensions that do not contain eperl script
+may be served to a client verbatim on request.