httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexei Kosut <ako...@nueva.pvt.k12.ca.us>
Subject Re: Trouble with Location/SetHandler
Date Fri, 20 Dec 1996 04:05:03 GMT
On Thu, 19 Dec 1996, Rob Hartill wrote:

> No ?, then how does Apache know where the scripts to be printed are ?

Any way it wants.

> The Alias maps the URL to a file, so if <Location > prevents or can
> be made to prevent the mapping, then a ///foo request won't match
> anything in the conf file. Only if <Location> is acted upon will
> (in my theory/proposal) the Alias be expanded.
> 
> See what I mean ?

I see what you mean, but it's not the only case where this problem
occurs.

<Location /secret>
deny from all
</Location>

will allow requests to //secret, even if there are no Alias, or
ScriptAlias, or anything. Just <DocumentRoot>/secret.

In other words, this has to be fixed at the source, in getparents() or
a similar part of the code.

-- 
________________________________________________________________________
Alexei Kosut <akosut@nueva.pvt.k12.ca.us>      The Apache HTTP Server
URL: http://www.nueva.pvt.k12.ca.us/~akosut/   http://www.apache.org/


Mime
View raw message