httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Plüm, Rüdiger, Vodafone Group <ruediger.pl...@vodafone.com>
Subject RE: "Forbid" directive in core?
Date Mon, 10 Jun 2013 14:13:43 GMT


> -----Original Message-----
> From: Nick Kew [mailto:nick@webthing.com]
> Sent: Montag, 10. Juni 2013 16:02
> To: dev@httpd.apache.org
> Subject: Re: "Forbid" directive in core?
> 
> 
> On 10 Jun 2013, at 14:35, Eric Covener wrote:
> 
> > I'd like to add an immutable Forbid directive to the core and use it
> > in some places in the default configuration instead of "require all
> > denied".
> >
> > http://people.apache.org/~covener/forbid.diff
> >
> > This protects from a broad <Location or <If being added that
> > supercedes Directory/Files.
> >
> > I thought someone might object to the duplication w/ AAA or the
> > presence in the core, so opting for RTC.
> 
> Why indeed in core?

Indeed, why in core?
And what is bad about "require all denied"?

Regards

Rüdiger


Mime
View raw message