Return-Path:
X-Original-To: apmail-httpd-cvs-archive@www.apache.org
Delivered-To: apmail-httpd-cvs-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
by minotaur.apache.org (Postfix) with SMTP id 62A7418FD7
for ;
Fri, 19 Feb 2016 08:05:28 +0000 (UTC)
Received: (qmail 43141 invoked by uid 500); 19 Feb 2016 08:05:12 -0000
Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org
Received: (qmail 43076 invoked by uid 500); 19 Feb 2016 08:05:12 -0000
Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help:
list-unsubscribe:
List-Post:
List-Id:
Delivered-To: mailing list cvs@httpd.apache.org
Received: (qmail 43067 invoked by uid 99); 19 Feb 2016 08:05:12 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO
spamd2-us-west.apache.org) (209.188.14.142)
by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Feb 2016 08:05:12 +0000
Received: from localhost (localhost [127.0.0.1])
by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org)
with ESMTP id F259C1A0386
for ; Fri, 19 Feb 2016 08:05:11 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 0.671
X-Spam-Level:
X-Spam-Status: No, score=0.671 tagged_above=-999 required=6.31
tests=[KAM_LAZY_DOMAIN_SECURITY=1, RP_MATCHES_RCVD=-0.329]
autolearn=disabled
Received: from mx2-lw-us.apache.org ([10.40.0.8])
by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new,
port 10024)
with ESMTP id 6BCCEzorE0L0 for ;
Fri, 19 Feb 2016 08:05:10 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org
[209.188.14.139])
by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTP
id 15D8A5F1E5
for ; Fri, 19 Feb 2016 08:05:10 +0000 (UTC)
Received: from svn01-us-west.apache.org (svn.apache.org [10.41.0.6])
by mailrelay1-us-west.apache.org (ASF Mail Server at
mailrelay1-us-west.apache.org) with ESMTP id 43BE1E00EA
for ; Fri, 19 Feb 2016 08:05:09 +0000 (UTC)
Received: from svn01-us-west.apache.org (localhost [127.0.0.1])
by svn01-us-west.apache.org (ASF Mail Server at svn01-us-west.apache.org)
with ESMTP id 1754E3A0118
for ; Fri, 19 Feb 2016 08:05:09 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1731194 -
/httpd/httpd/branches/2.4.x/docs/manual/sections.xml
Date: Fri, 19 Feb 2016 08:05:08 -0000
To: cvs@httpd.apache.org
From: elukey@apache.org
X-Mailer: svnmailer-1.0.9
Message-Id: <20160219080509.1754E3A0118@svn01-us-west.apache.org>
Author: elukey
Date: Fri Feb 19 08:05:08 2016
New Revision: 1731194
URL: http://svn.apache.org/viewvc?rev=1731194&view=rev
Log:
Improved sections doc for Bug: 58789
Modified:
httpd/httpd/branches/2.4.x/docs/manual/sections.xml
Modified: httpd/httpd/branches/2.4.x/docs/manual/sections.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/sections.xml?rev=1731194&r1=1731193&r2=1731194&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/sections.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/sections.xml Fri Feb 19 08:05:08 2016
@@ -405,13 +405,13 @@ see the Virtual Host D
and ProxyMatch
containers apply enclosed configuration directives only
to sites accessed through mod_proxy's proxy server
-that match the specified URL. For example, the following configuration
-will prevent the proxy server from being used to access the
-www.example.com
website.
+that match the specified URL. For example, the following configuration
+will allow only a subset of clients to access the
+www.example.com
website using the proxy server:
<Proxy "http://www.example.com/*">
- Require all granted
+ Require host yournetwork.example.com
</Proxy>
@@ -510,14 +510,7 @@ are interpreted, it is important to unde
type="section">Directory container in the processing
order.
- Later sections override earlier ones, however each module is responsible
- for interpreting what form this override takes. A later configuration section
- with directives from a given module might cause a conceptual "merge" of some
- directives, all directives, or a complete replacement of the modules
- configuration with the module defaults and directives explicitly listed in
- the later context.
-
-Technical Note
+ Technical Note
There is actually a
<Location>
/<LocationMatch>
sequence performed just before the name translation phase
@@ -525,9 +518,53 @@ are interpreted, it is important to unde
are used to map URLs to filenames). The results of this
sequence are completely thrown away after the translation has
completed.
-
+
+
+Relationship between modules and configuration sections
+ One question that often arises after reading how configuration sections are
+ merged is related to how and when directives of specific modules like mod_rewrite
+ are processed. The answer is not trivial and needs a bit of background.
+ Each httpd module manages its own configuration, and each of its directives in httpd.conf specify one piece
+ of configuration in a particular context. httpd does not execute a command as it is read.
+ At runtime, the core of httpd iterates over the defined configuration sections in the order
+ described above to determine which ones apply to the current request. When the first section matches,
+ it is considered the current configuration for this request. If a subsequent section matches too,
+ then each module with a directive in either of the sections is given a chance to merge its configuration between the two sections. The result is a third configuration, and the process goes on until all the configuration sections
+ are evaluated.
+ After the above step, the "real" processing of the HTTP request begins: each module has a chance to run
+ and perform whatever tasks they like. They can retrieve their own final merged configuration from the core
+ of the httpd to determine how they should act.
+ An example can help to visualize the whole process. The following configuration uses the
+ Header directive of mod_headers to set
+ a specific HTTP header. What value will httpd set in the CustomHeaderName
header for a request to
+ /example/index.html
?
+
+
+
+<Directory "/">
+ Header set CustomHeaderName one
+ <FilesMatch ".*">
+ Header set CustomHeaderName three
+ </FilesMatch>
+</Directory>
+
+<Directory "/example">
+ Header set CustomHeaderName two
+</Directory>
+
+
+
+ - Directory "/" matches and an initial configuration to set the
CustomHeaderName
header with the value one
is created.
+ - Directory "/example" matches, and since mod_headers specifies in its code to override in case of a merge, a new configuration is created to set the
CustomHeaderName
header with the value two
.
+ - FilesMatch ".*" matches and another merge opportunity arises, causing the
CustomHeaderName
header to be set with the value three
.
+ - Eventually during the next steps of the HTTP request processing mod_headers will be called and it will receive the configuration to set the
CustomHeaderName
header with the value three
. mod_headers normally uses this configuration to perfom its job, namely setting the foo header. This does not mean that a module can't perform a more complex action like discarding directives because not needed or deprecated, etc..
+
+
+ This is true for .htaccess too since they have the same priority as Directory in the merge order. The important concept to understand is that configuration sections like Directory and FilesMatch are not comparable to module specific directives like Header or RewriteRule because they operate on different levels.
+
+
-Some Examples
+Some useful examples
Below is an artificial example to show the order of
merging. Assuming they all apply to the request, the directives in
@@ -559,6 +596,7 @@ E.
+
For a more concrete example, consider the following. Regardless of
any access restrictions placed in Directory sections, the