httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Hartill <r...@imdb.com>
Subject world access using .htaccess files under 1.2b6 (fwd)
Date Fri, 07 Mar 1997 17:54:23 GMT

Hmmm, this sounds dangerously backwards.

---------- Forwarded message ----------
Date: Thu, 6 Mar 1997 23:12:43 -0500 (EST)
From: Ray Lehtiniemi <rayl@crosskeys.com>
To: apache-bugs@apache.org
Subject: world access using .htaccess files under 1.2b6


hi

my .htaccess files don;t seem to work.  the presence of a .htaccess file
seems to be enough to allow world access to the directory.  the following
patch makes it work better: 

*** mod_access.c.old    Thu Mar  6 22:30:30 1997
--- mod_access.c        Thu Mar  6 22:26:07 1997
***************
*** 230,236 ****
      access_dir_conf *a =
          (access_dir_conf *)
           get_module_config (r->per_dir_config, &access_module);
!     int ret = OK;
  
      if (a->order[method] == ALLOW_THEN_DENY) {
          ret = FORBIDDEN;
--- 230,236 ----
      access_dir_conf *a =
          (access_dir_conf *)
           get_module_config (r->per_dir_config, &access_module);
!     int ret = FORBIDDEN;
  
      if (a->order[method] == ALLOW_THEN_DENY) {
          ret = FORBIDDEN;





==========================================================

i don't fully understand the semantics of this stuff yet, but this patch
should eliminate a lot of useless searching, shouldn't it? i think it will
implement the semantics of the above oneliner with half the searching per
request (assuming you're not using mutual failure).  it seems to work okay
for me anyway in a few quick tests.

this is against b6, but b7 hasn't changed this file.  somethings hosed on our
net right now, so i can;t build and test b7, but it should be identical. 


*** mod_access.c.old    Thu Mar  6 22:30:30 1997
--- mod_access.c        Thu Mar  6 22:42:14 1997
***************
*** 230,250 ****
      access_dir_conf *a =
          (access_dir_conf *)
           get_module_config (r->per_dir_config, &access_module);
!     int ret = OK;
  
      if (a->order[method] == ALLOW_THEN_DENY) {
!         ret = FORBIDDEN;
!         if (find_allowdeny (r, a->allows, method))
!             ret = OK;
          if (find_allowdeny (r, a->denys, method))
              ret = FORBIDDEN;
      } else if (a->order[method] == DENY_THEN_ALLOW) {
!         if (find_allowdeny (r, a->denys, method))
!             ret = FORBIDDEN;
          if (find_allowdeny (r, a->allows, method))
              ret = OK;
!     }
!     else {
          if (find_allowdeny(r, a->allows, method) 
            && !find_allowdeny(r, a->denys, method))
            ret = OK;
--- 230,249 ----
      access_dir_conf *a =
          (access_dir_conf *)
           get_module_config (r->per_dir_config, &access_module);
!     int ret = FORBIDDEN;
  
      if (a->order[method] == ALLOW_THEN_DENY) {
!         /* don't search allows, just assume OK and let denys override */
!         ret = OK;
          if (find_allowdeny (r, a->denys, method))
              ret = FORBIDDEN;
      } else if (a->order[method] == DENY_THEN_ALLOW) {
!         /* don't search denys, just assume FORBIDDEN and let allows override */
!         ret = FORBIDDEN;
          if (find_allowdeny (r, a->allows, method))
              ret = OK;
!     } else {
!         /* must search both for mutual-failure */
          if (find_allowdeny(r, a->allows, method) 
            && !find_allowdeny(r, a->denys, method))
            ret = OK;

---------------------------------------------------------------------------
  Ray Lehtiniemi <rayl@crosskeys.com>  




Mime
View raw message