httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 46685] New: 401 sent without WWW-Authenticate header when requesting DirectoryIndex if file protected
Date Mon, 09 Feb 2009 19:18:42 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=46685

           Summary: 401 sent without WWW-Authenticate header when requesting
                    DirectoryIndex if file protected
           Product: Apache httpd-2
           Version: 2.2.3
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_access
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: clement.hermann@free.fr


Hi,

When protecting files (in a <files> or <filesmatch> block), the file which will
be requested via the DirectoryIndex Directive will trigger a 401 response, but
without WWW-Authenticate header.

eg :

DirectoryIndex index.php
<files index.php>
 [Authtype basic stuff]
 require valid-user
</files>

When requesting http://server/index.php, the response is 401 and
WWW-Authenticate header is sent.
When requesting http://server/, the response is 401 but no WWW-Authenticate
header is sent, so no way to access the file.

One can work around this with a rewrite rule or a redirectmatch.

Regards,

Clément Hermann (nodens)


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message