httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Woolley <jwool...@virginia.edu>
Subject Re: cvs commit: httpd-2.0/modules/generators mod_autoindex.c
Date Tue, 05 Feb 2002 15:35:48 GMT
On Tue, 5 Feb 2002, Rodent of Unusual Size wrote:

> jwoolley@apache.org wrote:
> >
> >   List files that would result in HTTP_UNAUTHORIZED in addition to
> >   successes and redirections, since there's a chance the client will
> >   actually have the proper authorization to retrieve them.
>
> -1 (yes, a veto).  Standard security practice: you don't
> expose even meta-information without knowing the user can
> access it.

Reverted.

--Cliff

--------------------------------------------------------------
   Cliff Woolley
   cliffwoolley@yahoo.com
   Charlottesville, VA



Mime
View raw message