Re: [xml] [PATCH] xmlIO HTTPS handler using libcurl [version 2]

Daniel Veillard wrote:

  Thanks for the patch, though I'm still wondering abit about it:
    - I have said in the past that I didn't want to add too much to nano*
    - adding a dependancy to libxml2 always annoys me
on the other hand
    - the patch is nice
    - other people may use this
    - the code is not compiled and the dependancy does not exist by default

I'm still undecided about this, more code means that this gets factored,
which is potentally good for a few users, but grows the maintainance a bit.
Also it seems to me the patch avoids the core of the issue which is authentication, that was one of my main discussion w.r.t. extending
nanohttp is that people wanted auth, and IMHO that was outside the scope
of libxml2, and I suggested to plug curl in and deal with it there.
So how is https really useful if you don't have authentication (or maybe I
missed it and it's done by the curl layer), but I would at least expect
some kind of callback to handle 401 auth requests, and I don't see any in the patch, so I'm wondering what's the limitation here :-)


Yes I agree another dependency is annoying. We are doing forms based authentication over SSL here, so the need to handle http basic/digest type authentication hasn't come up but I can see the usefulness for others.

One thing I had considered is making the curl patch handle http, https, ftp, sftps, and whatever else ( libcurl can handle that would be of interest for xmlIO. As part of that I could add an authentication callback.

Could we say that if you enable curl support, nano http/ftp handlers are disabled at compile time or would you like to approach it some other way? (if the above sounds interesting) If the dependency is really too annoying, no problem, patch can sit on mailing list for others if they need it.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]