httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <>
Subject Re: Apache documentation inadequate for order/allow/deny (fwd)
Date Sat, 19 Apr 1997 18:45:43 GMT
> In addition to clarifying the documentation, I would be grateful if you could
> confirm that the initial state is both as I've determined empirically and that
> it is well-defined rather than being a chance feature of the way the code 
> happens to work, not something to rely on.

The initial state is FORBIDDEN when the order is allow,deny, and OK when the
order is deny,allow. There is, of course, the third possibility,
mutual-failure, in which case the initial state is irrelevant.

This is explicitly coded and should not change in future version.

> On a different but related point, is there any prospect of allowing wildcards
> in allow/deny? In the case that prompted my investigation, the local systems
> to be excluded would at least in part by readily definable by wildcards, but
> are not amenable to simple suffix matching, e.g. "deny from public*.x.y" is
> what's really needed. 
> Adding wildcard matching to the existing string matching seems superficially so
> simple that I presume there must be some fundamental complication or ambiguity
> which it would introduce ... True? Or is it just that there've always been
> higher-priority features to add first?

I'm not aware of any fundamental problems - the main reason is that until
recently we couldn't use regexp, so many places where it would be obvious to
use it still don't.

If you submit a patch then we definitely won't put it in 1.2 (there's a feature
freeze) and will probably have forgotten it by the time we get to the next
verion. But its worth a try!



** Buy "Apache: The Definitive Guide" from **
Ben Laurie                Phone: +44 (181) 994 6435  Email:
Freelance Consultant and  Fax:   +44 (181) 994 6472
Technical Director        URL:
A.L. Digital Ltd,         Apache Group member (
London, England.          Apache-SSL author

View raw message