httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s.@apache.org
Subject svn commit: r1023227 - in /httpd/httpd/trunk: CHANGES server/core.c
Date Sat, 16 Oct 2010 09:59:21 GMT
Author: sf
Date: Sat Oct 16 09:59:21 2010
New Revision: 1023227

URL: http://svn.apache.org/viewvc?rev=1023227&view=rev
Log:
core: Log a warning if <Limit> or <LimitExcept> are used. They are
deprecated and may go away in 2.4.

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/server/core.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1023227&r1=1023226&r2=1023227&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sat Oct 16 09:59:21 2010
@@ -6,6 +6,9 @@ Changes with Apache 2.3.9
      Fix a denial of service attack against mod_reqtimeout.
      [Stefan Fritsch]
 
+  *) core: Log a warning if <Limit> or <LimitExcept> are used. They are
+     deprecated and may go away in 2.4. [Stefan Fritsch]
+
   *) mod_ssl: Log certificate information if client cert verification
      fails. PR 50094. [Lassi Tuura <lat cern ch>, Stefan Fritsch]
 
@@ -63,6 +66,7 @@ Changes with Apache 2.3.9
 
   *) core/mod_unique_id: Add generate_log_id hook to allow to use
      the ID generated by mod_unique_id as error log ID for requests.
+     [Stefan Fritsch]
 
   *) mod_cache: Make sure that we never allow a 304 Not Modified response
      that we asked for to leak to the client should the 304 response be

Modified: httpd/httpd/trunk/server/core.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?rev=1023227&r1=1023226&r2=1023227&view=diff
==============================================================================
--- httpd/httpd/trunk/server/core.c (original)
+++ httpd/httpd/trunk/server/core.c Sat Oct 16 09:59:21 2010
@@ -1664,6 +1664,12 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_
         return unclosed_directive(cmd);
     }
 
+    ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL,
+                 "%s:%d: <Limit> and <LimitExcept> are deprecated and "
+                 "will likely be removed in 2.4. Use 'Require method', "
+                 "mod_allow_method, or <If> instead.",
+                 cmd->directive->filename, cmd->directive->line_num);
+
     limited_methods = apr_pstrndup(cmd->pool, arg, endp - arg);
 
     if (!limited_methods[0]) {
@@ -3386,11 +3392,11 @@ AP_INIT_RAW_ARGS("<Files", filesection, 
   "Container for directives affecting files matching specified patterns"),
 AP_INIT_RAW_ARGS("<Limit", ap_limit_section, NULL, OR_LIMIT | OR_AUTHCFG,
   "Container for authentication directives when accessed using specified HTTP "
-  "methods"),
+  "methods (DEPRECATED)"),
 AP_INIT_RAW_ARGS("<LimitExcept", ap_limit_section, (void*)1,
                  OR_LIMIT | OR_AUTHCFG,
   "Container for authentication directives to be applied when any HTTP "
-  "method other than those specified is used to access the resource"),
+  "method other than those specified is used to access the resource (DEPRECATED)"),
 AP_INIT_TAKE1("<IfModule", start_ifmod, NULL, EXEC_ON_READ | OR_ALL,
   "Container for directives based on existence of specified modules"),
 AP_INIT_TAKE1("<IfDefine", start_ifdefine, NULL, EXEC_ON_READ | OR_ALL,



Mime
View raw message