httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Fritsch ...@sfritsch.de>
Subject Removing Limit and LimitExcept (was: svn commit: r1023227 - in /httpd/httpd/trunk: CHANGES server/core.c)
Date Tue, 19 Oct 2010 18:48:33 GMT
On Tuesday 19 October 2010, William A. Rowe Jr. wrote:
> On 10/19/2010 12:47 PM, Stefan Fritsch wrote:
> > On Tuesday 19 October 2010, William A. Rowe Jr. wrote:
> >> If it will be gone, let's get rid of it now.  Now that you have
> >> the allowmethod module added, it seems we have sufficient
> >> control paths that will allow users to constrain the accepted
> >> methods, right?
> >> 
> >> <Method > may still prove useful, but the old <Limit > was so
> >> constrained that I think we have that old functionality covered,
> >> now.
> > 
> > Fine with me. I have reverted r1023227.
> 
> Did the removelimit sandbox look good to you, or did we have any
> further changes before we drop that feature?
> 
> http://svn.apache.org/viewvc/httpd/sandbox/replacelimit/
> 
> Comments sought - if we don't have any objections or changes to
> this fork, I know of at least three committers who believe its
> time already, at least with the addition o the allowmethod module,
> eval conditionals and lua.

I have noticed that there are many failures in t/modules/access.t 
because of "AllowOverride Limit" being ignored. In this case, many 
requests that should have been denied have been allowed. Should we 
keep "AllowOverride Limit" as alias for "AllowOverride AuthConfig"? Of 
course the deprecation warning should be kept.

Apart from that, I am fine with the removelimit sandbox. Attached is a 
patch to make the test framework work.


Mime
View raw message