Return-Path: 
 <dev-return-69477-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-dev-archive@www.apache.org
Received: (qmail 22585 invoked from network); 19 Sep 2010 18:39:35 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 19 Sep 2010 18:39:35 -0000
Received: (qmail 64142 invoked by uid 500); 19 Sep 2010 18:39:34 -0000
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 64068 invoked by uid 500); 19 Sep 2010 18:39:34 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 64060 invoked by uid 99); 19 Sep 2010 18:39:34 -0000
Received: from Unknown (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 19 Sep 2010 18:39:34 +0000
X-ASF-Spam-Status: No, hits=-2.3 required=10.0
	tests=RCVD_IN_DNSWL_MED,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: local policy)
Received: from [188.40.99.202] (HELO eru.sfritsch.de) (188.40.99.202)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 19 Sep 2010 18:39:11 +0000
Received: from [10.1.1.6] (helo=k.localnet)
	by eru.sfritsch.de with esmtp (Exim 4.69)
	(envelope-from <sf@sfritsch.de>)
	id 1OxOmp-0005oK-68
	for dev@httpd.apache.org; Sun, 19 Sep 2010 20:38:51 +0200
From: Stefan Fritsch <sf@sfritsch.de>
To: dev@httpd.apache.org
Subject: Re: Remove <Limit> and <LimitExcept> ?
Date: Sun, 19 Sep 2010 20:38:50 +0200
User-Agent: KMail/1.13.5 (Linux/2.6.32-5-amd64; KDE/4.4.5; x86_64; ; )
References: <bug-49927-7868@https.issues.apache.org/bugzilla/>
 <201009190045.40875.sf@sfritsch.de> <4C962F04.9010103@apache.org>
In-Reply-To: <4C962F04.9010103@apache.org>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <201009192038.51183.sf@sfritsch.de>
X-Virus-Checked: Checked by ClamAV on apache.org

On Sunday 19 September 2010, Ruediger Pluem wrote:
> On 09/19/2010 12:45 AM, Stefan Fritsch wrote:
> > What do other people think about removing <Limit> and
> > <LimitExcept>  and adding mod_allowmethods from the sandbox to
> > easily forbid some methods? Or would this create too much
> > trouble when upgrading configurations?
> >
> > BTW, we could also add an authz provider to allow things like
> >
> > Require method GET,HEAD,...
> >
> > Though this would be slower than mod_allowmethods because authz 
> > providers have to parse the require line on every request.

This is done, including parsing the require line only once, which has 
the added benefit of catching typos while reading the config.

I would still add mod_allowmethods, because it is really nice for 
globally disabling some methods while not having to worry about authz 
section merging. Anybody disagrees?

> Hm. I don't like it to be removed until be have an agreed
> alternative in trunk. And the question is whether we should still
> do this after we had a first beta release.

Sounds reasonable. But if we intend to remove Limit/LimitExcept in 2.4 
but leave it in the first beta, it should log a really big warning 
that it will be removed in 2.4.