In this issue

Release: 1.1.1
Beta: None

• " is not escaped in URLs

• A bug which could cause a core dump if a host name lookup failed has been fixed.
• SSI requests logging less bytes than actually transferred has been fixed.

A beta release of Apache 1.2 is expected within the next few days. As soon as it is available, Apache Week will have a special issue listing all the differences - from major new features to a list of API changes. Subsequent issues will contain features explaining how to make the most of the new features in 1.2.

The first beta release of 1.2, to be called 1.2b1, is scheduled for the first week in December. No new features will now be added, and it is undergoing internal testing and any outstanding bugs are being fixed. Documentation on the new features is currently being written.

For a list of some of the new features coming in 1.2, see our Apache 1.2 Sneak Preview. This is now slightly out-of-date and after 1.2b1 is released we will have a full guide to what's new in 1.2 in the next issue.

Persistent connections are a feature in HTTP/1.1 that allows a client and server to use a single connection to request multiple documents. This will make obtaining documents which contain embedded information (such as images) much quicker. However, for a persistent connection to work, the server must know the size of the file it is going to send in advance (or use an special 'transfer encoding'). However when a CGI program is run, the server cannot know in advance how much output the CGI will generate, so it defaults to turning off persistent connections for this connection.

The CGI itself might know how much output it is going to generate, and if it tells the server the persistent connection feature can be used. Apache has been updated so that when a CGI is run, it checks for a "Content-Length" header sent back from the script, and if there is one, it uses it and enables persistent connections (subject to various other protocol-related requirements).

Note that prior to HTTP/1.1, persistent connections were called 'keep-alives'. The above description of persistent connections applies to keep-alives as well.

Over the past few months, Apache Week has brought you in depth features on a range of issues. If you are new to Apache Week and missed the past features, you can get a list of them from our features index.

Most features are 'how to's, explaining a particular feature of Apache and how to use it. We've explained Server Side Includes, User Authentication, Virtual Hosts, Imagemaps, and Content Negotiation. We have also shown how to add new modules to Apache, in Module Soup, and how to Convert from NCSA HTTPd.

Other features have covered key issues related to running a modern web site. We explained Secure Transactions in detail, with particular emphasis of the legal restrictions that apply - both US government exports restrictions and patent issues. Our second most popular feature ever was a guide to the upcoming HTTP/1.1 standard, while the most popular feature was the Apache 1.2 Sneak Preview.

In last week's DBM authentication feature, the sample code to lookup a known key in a DBM file was slightly wrong. The correct code is now available in the issue.