httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wilson <>
Subject Re: mod_cern_meta problems with recent change
Date Wed, 25 Jun 1997 08:28:39 GMT
Marc Slemko:
> Do you have any access configs on your server to limit requests so that
> *.web and *.meta files can't be read?
> Dean changed it to do a subrequest to check that the metafile can be read
> instead of just a stat.

What?  That sounds like overkill to me.  If the meta file is there and
readable from a stat then it will be sent out of the server in its
entirety.  What then is the problem with attempting to access it
directly?  Even if someone *did* want to do this (I can't think why
they'd want to) all they're going to receive in the way of 'stolen
goods' is what they get anyway when they access other items in the same
'directory'.  And well, if the directory is protected from access then
they're not gonna get as far as mod_cern_meta to grab the information


> (no, I haven't looked at it either...)
> On Wed, 25 Jun 1997, Randy Terbush wrote:
> > Seems that the recent change to mod_cern_meta has caused a problem.
> > All requests for documents using content negotiation seem to fail 
> > with the server complaining that it cannot read the .web or .meta 
> > file. I have not tracked this down beyond the fact that remove 
> > mod_cern_meta from the server solves the problem.
> > 
> > 
> > 
> > 


View raw message