Re: Is there a way to help gtkmm for website translation?

From: Tao Wang <dancefire gmail com>
To: Murray Cumming <murrayc murrayc com>
Cc: gtkmm-list gnome org
Subject: Re: Is there a way to help gtkmm for website translation?
Date: Mon, 3 May 2010 10:22:59 +1000

On Sat, May 1, 2010 at 11:56 PM, Murray Cumming <murrayc murrayc com> wrote:
>> [ URL ]
>>
>> Visit http://www.gtkmm.org, the site will automatically recognize
>> user's locale, and if the language is available, then redirect to the
>> language's page. Otherwise, the default language will be used.
>>
>> Visit http://www.gtkmm.org/{lang}, such as http://www.gtkmm.org/zh_CN,
>> will display the specified language pages.
>>
>> If you are using php+gettext solution, the implementation is very
>> simple.
>
> I would like to avoid using PHP, so I don't have to worry about security
> or any programming in the website at all. People will say it's simple,
> but it's never simple enough.
>

About security, I think you may have some misunderstanding, or unduly
concerned. Based on my experience, if there is no database-related
code, no writing file to the web directory, or no execute system
command in the PHP code, it is very unlikely to have any security
issue. The possiblity of finding a security vulnerability in such case
should be same for PHP, SSI and Apache.

For support multiple language, there is only one parameter,
lang=zh_CN, and one string is read from
$_SERVER['HTTP_ACCEPT_LANGUAGE']. The 'lang' will be used in
'switch(){}', which has never found any issue; the second on, may be
processed by some str_*() function, only one buffer overflow issue has
been found in php development branch. There is no other input from
client. So, there is no chance for a client to hack in the system.

And for SSI, it is not bug-free, because at least I heard one or two
security issues have been found years ago. So, SSI and PHP in this
case have same security.

Back to the topic, if you don't want to use PHP, the only way to
automatically detect browser's language is Apache's content
negotiation mechanism. Here are some links might be useful.

http://en.wikipedia.org/wiki/Content_negotiation
http://httpd.apache.org/docs/2.0/content-negotiation.html
http://www.w3.org/Protocols/rfc2616/rfc2616-sec12.html

-- 
Regards

Tao Wang

Follow-Ups:
- Re: Is there a way to help gtkmm for website translation?
  - From: Murray Cumming

References:
- Re: Is there a way to help gtkmm for website translation?
  - From: Tao Wang
- Re: Is there a way to help gtkmm for website translation?
  - From: Murray Cumming

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]