httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk.vanGu...@jrc.it
Subject Re: [PATCH] PR#817: htaccess ignored if unreadable
Date Mon, 18 Aug 1997 00:01:25 GMT

No I really do think it is a _good_ thing; even though it fundamentally
changes the behaviour. I would opt for a 500 server error though. (or
server config error to be more accurate).

+1 from me.

Dw.


On Sun, 17 Aug 1997, Marc Slemko wrote:

> On Sun, 17 Aug 1997, Randy Terbush wrote:
> 
> > 
> > Or you could just do like IIS does and problem for authentication 
> > all day....  :-)
> > 
> > +1
> > 
> > This should probably go in 1.2.3 as well in case you are asking.
> 
> No, it scares me too much.  Mainly a matter of there being possible
> gotchas; nothing I am aware of, but the change in behavior is probably not
> the best thing to put in 1.2.3.
> 
> > 
> > 
> > > The below changes things so that if the htaccess can't be opened for any
> > > reason other than not existing, the request is denied.
> > > 
> > > This _does_ change the behavior of the server.  It _will_ catch some
> > > people.  Regardless, I think it is important to fix.
> > > 
> > > Note that if you have a case where there is no .htaccess but the directory
> > > is unreadable, then it will be caught by this check instead of the one
> > > later on.
> > > 
> > > I'm also not yet convinced if I should use log_unixerr or make my own one
> > > with log_printf. 
> > > 
> > > It is arguable that it should return HTTP_INTERNAL_SERVER_ERROR instead,
> > > but I prefer forbidden.
> > > 
> > > Index: core/http_config.c
> > > ===================================================================
> > > RCS file: /export/home/cvs/apachen/src/core/http_config.c,v
> > > retrieving revision 1.72
> > > diff -u -r1.72 http_config.c
> > > --- http_config.c	1997/08/06 20:21:21	1.72
> > > +++ http_config.c	1997/08/17 20:59:43
> > > @@ -931,8 +931,15 @@
> > >  	}
> > >  	
> > >  	*result = dc;
> > > -    } else
> > > -	dc = NULL;
> > > +    } else {
> > > +	if (errno == ENOENT)
> > > +	    dc = NULL;
> > > +	else {
> > > +	    log_unixerr("pfopen", filename, 
> > > +		"unable to check for htaccess file", r->server);
> > > +	    return HTTP_FORBIDDEN;
> > > +	}
> > > +    }
> > >  
> > >  /* cache it */
> > >      new = palloc(r->pool, sizeof(struct htaccess_result));
> > 
> > 
> > 
> 
> 


Mime
View raw message