httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe Jr." <wr...@rowe-clan.net>
Subject Re: Remove <Limit> and <LimitExcept> ?
Date Wed, 22 Sep 2010 00:01:11 GMT
On 9/21/2010 5:16 PM, Igor Galić wrote:
> 
> ----- "Stefan Fritsch" <sf@sfritsch.de> wrote:
> 
>> On Monday 20 September 2010, Greg Stein wrote:
>>> The Limit/LimitExcept directives are very handy and important when
>>> mod_dav is being used. In fact, LimitExcept was created
>>> specifically in order to avoid listing every new method that might
>>> come along via DAV specs and such.
>>>
>>> As long as an alternative is available, then I don't care. But the
>>> functionality is very important.
>>
>> I am not a heavy DAV user. But I think most useful uses of 
>> Limit/LimitExcept are already possible with the combination "Require 
>> method", <RequireAny>, and <RequireAll>. See 
>> http://httpd.apache.org/docs/trunk/mod/mod_authz_host.html#reqmethod
> 
> Alternatively you can also use
> 
>    Require not method GET POST OPTIONS

Would this be a better patch here in our example config;

Index: docs/conf/extra/httpd-dav.conf.in
===================================================================
--- docs/conf/extra/httpd-dav.conf.in	(revision 775681)
+++ docs/conf/extra/httpd-dav.conf.in	(working copy)
@@ -28,9 +28,9 @@

     # Allow universal read-access, but writes are restricted
     # to the admin user.
-    <LimitExcept GET POST OPTIONS>
+    <MethodExcept GET POST OPTIONS>
         require user admin
-    </LimitExcept>
+    </MethodExcept>
 </Directory>

 #

Feel free to go ahead and fix our example to the new Require API.

Mime
View raw message