httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 37752] New: - .htaccess: 'Order' directive doesn't meet specs
Date Fri, 02 Dec 2005 10:41:10 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37752>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37752

           Summary: .htaccess: 'Order' directive doesn't meet specs
           Product: Apache httpd-1.3
           Version: 1.3.33
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Auth/Access
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: nospam+nohtml@godfatherof.nl


Consider the following .htaccess content:

<Limit GET>
Order Allow,Deny
Satisfy any
Allow from My.Network
Require valid-user
Deny from Evil.Network
</Limit>

The idea is to always deny access from Evil.Network, even with
a valid user identification.

According to the definition of 'Order' this setup should work: 
<quote>
  Any client which does not match an Allow directive or does
  match a Deny directive will be denied access to the server.
</quote>
But it doesn't work; apparently the explicit Deny is ignored.

Note that 'Require' in not explicitly mentioned in the 'Order'
directive specs, but by all means and purposes it appears to
be regarded as, and is acting as, an 'Allow'.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message