httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject RE: Dropped: [inq] short, concise, and to the point
Date Wed, 04 Oct 2000 14:52:25 GMT
> From: William A. Rowe, Jr. [mailto:wrowe@rowe-clan.net]
> Sent: Wednesday, October 04, 2000 9:47 AM
> 
> I'm dropping the issue in favor of the following additional
> documentation in our existing documentation on using 
> <Directory > and <Location > directives.  However, existing 
> documentation and examples for mod_dav and the phf abuse 
> interceptor contradict this recommendation:
> 
>   [...] 
>   <Location > blocks should only enforce security of the URL it
>   itself exposes.  That is, any <Location > with a SetHandler or
>   DocumentRoot directive can control the access to that URL space.
> 
> Anyone feel this is appropriate/sufficient warning?

Removing "or DocumentRoot" - of course Locations can't set
such a root :-)

Mime
View raw message