httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cove...@apache.org
Subject svn commit: r1031776 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml server/core.c
Date Fri, 05 Nov 2010 20:21:09 GMT
Author: covener
Date: Fri Nov  5 20:21:09 2010
New Revision: 1031776

URL: http://svn.apache.org/viewvc?rev=1031776&view=rev
Log:
PR49823: Make the hardcoded default for AllowOverride match the default config -- None.


Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/docs/manual/mod/core.xml
    httpd/httpd/trunk/server/core.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1031776&r1=1031775&r2=1031776&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Nov  5 20:21:09 2010
@@ -6,6 +6,9 @@ Changes with Apache 2.3.9
      Fix a denial of service attack against mod_reqtimeout.
      [Stefan Fritsch]
 
+  *) core: In the absence of any AllowOverride directives, the default is now
+     "None" instead of "All".  PR49823 [Eric Covener]
+
   *) mod_proxy: Don't allow ProxyPass or ProxyPassReverse in
      <Directory> or <Files>. PR47765 [Eric Covener]
 

Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=1031776&r1=1031775&r2=1031776&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/core.xml Fri Nov  5 20:21:09 2010
@@ -300,7 +300,7 @@ be passed through</description>
 <code>.htaccess</code> files</description>
 <syntax>AllowOverride All|None|<var>directive-type</var>
 [<var>directive-type</var>] ...</syntax>
-<default>AllowOverride All</default>
+<default>AllowOverride None (2.3.9 and later), AllowOverride All (2.3.8 and earlier)</default>
 <contextlist><context>directory</context></contextlist>
 
 <usage>

Modified: httpd/httpd/trunk/server/core.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?rev=1031776&r1=1031775&r2=1031776&view=diff
==============================================================================
--- httpd/httpd/trunk/server/core.c (original)
+++ httpd/httpd/trunk/server/core.c Fri Nov  5 20:21:09 2010
@@ -114,7 +114,7 @@ static void *create_core_dir_config(apr_
 
     conf->opts = dir ? OPT_UNSET : OPT_UNSET|OPT_ALL;
     conf->opts_add = conf->opts_remove = OPT_NONE;
-    conf->override = dir ? OR_UNSET : OR_UNSET|OR_ALL;
+    conf->override = OR_NONE;
     conf->override_opts = OPT_UNSET | OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
 
     conf->content_md5 = 2;



Mime
View raw message