In this issue

Release: 1.1.3 (Released 14th January 1997)
Beta: 1.2b6 (Released 26th January 1997)

• Apparent slow performance of CGI scripts, relative to 1.2b4.

• Core dump in some circumstances if a bad directive exists in a .htaccess file
• Now allows redirects when the URL is missing a trailing / to be cached on the browser.
• Updates for A/UX and SCO3, added HI-UX support
• When a CGI issues an internal redirect on a PUT or POST request, Apache tries to read the request body a second time.

Patches to fix some Apache 1.2b6 bugs are available in the 1.2b6 patches directory on the Apache site. More notes on the FIN_WAIT_2 problem are also available.

Apache is currently in a 'beta release' cycle. This is where it is made available prior to full release for testing by anyone interested. Normally during the beta cycle no new major features will be added. The full release of Apache 1.2 is expected in February.

Last week we reported that current versions of Netscape Navigator (including 4.0 beta) cannot understand HTTP/1.1 multipart responses. This sort of response occurs when the browser results parts of a document, instead of a whole document. The Adobe Acrobat plug-in makes use of this feature to selectively get parts of the PDF file. Navigator is using a slightly outdated method of requesting and using byteranges: to sends a "Request-Range" header, and looks for "x-byteranges" on the response. This was used before the HTTP/1.1 specification decided on the current scheme (which is to send a "Range" header, and use "byteranges" in the response).

Fortunately, because Netscape Navigator sends a request which is clearly identifiable (containing the "Request-Range" header) Apache can be updated to look for this header and send the appropriate response. Netscape will use the new HTTP/1.1 format from the next beta of Navigator 4.

Further investigation has revealed that Microsoft Internet Explorer also cannot handle HTTP/1.1 format multipart responses. But unlike Navigator, it does not send the "Request-Range" header. This means that Apache does not send back a reply that MSIE can understand. The only way it could be done is by looking at the user-agent header to see if the client is MSIE of the appropriate version, and sending the correct response. Microsoft will be fixing the problem in Internet Explorer version 4.

Creating and managing user authentication details normally involves using a tool such as dbmmanage. However this program is limited and it does not provide a Web interface. A new tool is available, unconnected with the Apache project, which provides a web interface to user administration. It allows users to change their passwords, and can be used by the administrator to add, modify and delete users and their groups. It can also be run from the command line to replace dbmmanage. It is called "change_password".

Full instructions and download information are available on the author's pages. The program is free.