httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <>
Subject Re: Removing Limit and LimitExcept
Date Tue, 19 Oct 2010 22:02:08 GMT
On 19.10.2010 22:30, William A. Rowe Jr. wrote:
> On 10/19/2010 3:03 PM, Roy T. Fielding wrote:
>> Of course they will still use it.  If you want to mandate config
>> changes, then release it as httpd 3.x.  Keeling over a website when
>> they perform a *minor* version upgrade is foolish.  Version numbers
>> are cheap.
> The auth config / requires changes significantly already between 2.0, 2.2,
> and 2.4, so they already have to modify their configurations.

Right, although not very nice to users the AAA behaviour changed already 
in the past and I think the gains in this case outweighted the annoyance.

Concerning Limit I agree, that there is a huge risk that users don't 
know about the bad side effects. They intend to restrict access but are 
not aware that they might remove other explicitely configured access 
restrictions by that. I remember very well how astonished I was when I 
first ran into those side effects.

So I agree with removing and in this case forcing users to rethink their 
configuration. IMHO most users do not expect 100% configuration 
compatibility when switching from 2.0 to 2.2 or 2.2 to 2.4. Of course we 
should provide a helpful docs page about configuration incompatibilities.



View raw message