httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stas Bekman <s...@stason.org>
Subject Re: more minor 2.0.31 breakage
Date Tue, 05 Feb 2002 10:42:18 GMT

Status update:

Cliff has committed the fix, 
I've have committed the new test.

So I guess this issue is closed now.

On Tue, 5 Feb 2002, Stas Bekman wrote:

> William A. Rowe, Jr. wrote:
> 
> > From: "Stas Bekman" <stas@stason.org>
> > Sent: Monday, February 04, 2002 11:18 PM
> > 
> > 
> > 
> >>>>I think it's a bug. The sub-directory can be password-protected. Does
it 
> >>>>mean that mod_autoindex won't display it, since it'll fail to run the

> >>>>sub-request?
> >>>>
> >>>>
> >>>By design, for better or worse [feel free to debate here.]
> >>>
> >>>The new logic [perhaps 1.3 as well, you would have to look] does a subrequest

> >>>on the /~stas/ url ... and decides it's broken [or inaccessable, or whatever]

> >>>and autoindex won't display it.  What's broken about not displaying things
that
> >>>the user cannot access?
> >>>
> >>I gave an example of a password protected sub-directory. You say that 
> >>it's correct not to display it then? How do you know whether the user 
> >>cannot access this directory? May be he does have the needed access 
> >>credentials.
> >>
> > 
> > Fair enough - we can rescope the rules.  Right now 200s and 300s pass.  The test
> > is right there in autoindex if you would like to change it.
> > 
> > Personally, I never want to see 500'ed resources return OK ;-/
> 
> 
> agreed, but auth required is not 500 ;)
> 
> Here is the new test, I figured trying to add this to the existing 
> autoindex would be a hard thing to do, since so I simply wrote a new 
> test and called it autoindex2.t.
> 
> Currently 2 sub-tests pass
> 
> - normal dir is listed
> - broken is not
> 
> And 1 sub-test that doesn't pass:
> 
> - passwd protected dir should be listed!
> 
> I'm also not sure about the following: error_log says:
> 
> [Tue Feb 05 16:09:57 2002] [alert] [client 127.0.0.1] 
> /home/stas/apache.org/httpd-test/perl-framework/t/htdocs/modules/autoindex2/dir_broken/.htaccess:

> Invalid command 'This_is_a_broken_on_purpose_.htaccess_file', perhaps 
> mis-spelled or defined by a module not included in the server configuration
> 
> but there is no parallel log in access_log to dir_broken. So it may 
> puzzle those who will try to figure out when the error was triggerred. 
> But may be it's OK. I don't know.
> 
> 
> Index: t/conf/extra.conf.in
> ===================================================================
> RCS file: /home/cvs/httpd-test/perl-framework/t/conf/extra.conf.in,v
> retrieving revision 1.33
> diff -u -r1.33 extra.conf.in
> --- t/conf/extra.conf.in	5 Jan 2002 17:20:33 -0000	1.33
> +++ t/conf/extra.conf.in	5 Feb 2002 08:11:36 -0000
> @@ -310,6 +310,10 @@
>           Options +Indexes
>           AllowOverride Indexes
>       </Directory>
> +    <Directory @SERVERROOT@/htdocs/modules/autoindex2>
> +        Options +Indexes
> +        AllowOverride  All
> +    </Directory>
>   </IfModule>
> 
>   ##
> 
> --- /dev/null	Thu Jan  1 07:30:00 1970
> +++ t/modules/autoindex2.t	Tue Feb  5 16:10:20 2002
> @@ -0,0 +1,69 @@
> +use strict;
> +use warnings FATAL => 'all';
> +
> +use File::Spec::Functions qw(catfile catdir);
> +
> +use Apache::Test;
> +use Apache::TestUtil;
> +use Apache::TestRequest;
> +
> +##
> +## mod_autoindex test part II
> +##
> +## this tests how mod_autoindex handles sub-dirs:
> +## normal, with protected access, with broken .htaccess, etc...
> +
> +#my $cfg = Apache::Test::config();
> +my $vars = Apache::Test::config()->{vars};
> +my $documentroot = $vars->{documentroot};
> +my $base_dir = catdir $documentroot, "modules", "autoindex2";
> +my $base_uri = "/modules/autoindex2";
> +
> +# which sub-dir listings should be seen in mod_autoindex's output
> +# 1 == should appear
> +# 0 == should not appear
> +my %dirs = (
> +   dir_normal    => 1, # obvious
> +   dir_protected => 1, #
> +   dir_broken    => 0, #
> +);
> +
> +plan tests => 3;
> +
> +setup();
> +
> +my $res = GET_BODY "$base_uri/";
> +
> +# simply test whether we get the sub-dir listed or not
> +for my $dir (sort keys %dirs) {
> +    my $found = $res =~ /$dir/ ? 1 : 0;
> +    ok t_cmp($dirs{$dir},
> +             $found,
> +             "$dir should @{[$dirs{$dir}?'':'not ']}be listed");
> +}
> +
> +sub setup {
> +    t_mkdir $base_dir;
> +
> +    ### normal dir
> +    t_mkdir catdir $base_dir, "dir_normal";
> +
> +    ### passwd protected dir
> +    my $prot_dir = catdir $base_dir, "dir_protected";
> +    # htpasswd file
> +    t_write_file catfile($prot_dir, "htpasswd"), "nobody:HIoD8SxAgkCdQ";
> +    # .htaccess file
> +    my $content = <<CONTENT;
> +AuthType Basic
> +AuthName "Restricted Directory"
> +AuthUserFile $prot_dir/htpasswd
> +Require valid user
> +CONTENT
> +    t_write_file catfile($prot_dir, ".htaccess"), $content;
> +
> +    ### dir with a broken .htaccess
> +    my $broken_dir = catdir $base_dir, "dir_broken";
> +    t_write_file catfile($broken_dir, ".htaccess"),
> +                "This_is_a_broken_on_purpose_.htaccess_file";
> +
> +}
> 
> 
> _____________________________________________________________________
> Stas Bekman             JAm_pH      --   Just Another mod_perl Hacker
> http://stason.org/      mod_perl Guide   http://perl.apache.org/guide
> mailto:stas@stason.org  http://ticketmaster.com http://apacheweek.com
> http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
> 



_____________________________________________________________________
Stas Bekman             JAm_pH      --   Just Another mod_perl Hacker
http://stason.org/      mod_perl Guide   http://perl.apache.org/guide
mailto:stas@stason.org  http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/


Mime
View raw message