httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Timothy Stone <>
Subject [users@httpd] strange 403 in MSIE...seems js related but...need assistance
Date Fri, 19 Mar 2004 11:43:32 GMT

* This problem seems to be only reproducible in MSIE 5+/Win and in  
Safari 1.2.1/Mac
You can see the problem on the website at

Specifically, on

The images are links that use the rather ubiquitous, and simple,  
javascript function

The resulting window fails to display the image and displays instead  
Forbidden 403.

Currently I'm trying two versions of a simple script:

function openScript( url, width, height ) {
	var Win = ... );

2. more sophisticated, by myself.
function openScript(url) {
	var doc = "";
	win ="","openScript","toolbar=no,resizable=yes,scrollbars=yes,men 
ubar=no,status=no" );
	doc = "<p><img src=\"" + url + "\"></p>";
	win.document.write( doc );

Neither one works. The resulting window opens, but it 403s in the  
Apache error log. *This only happens in MSIE or Safari 1.2.1.* The  
error is very specific stating the client was denied by the server  
configuration. Okay. Well, why does it work in Mozilla or Netscape?

So let's talk about my config.  levittpavilionharrisburg.(com|org) is  
in VirtualHost block. The server is a NameVirtualHost * server.

I'm employing SetEnvIfNoCase Referer to prevent the images from  
"adorning other sites" like so ...

     SetEnvIfNoCase Referer  
"^http://www\.levittpavilionharrisburg\.com/"   local_ref=true
     # fixed the blocking of internal requests for images.
     SetEnvIfNoCase Referer "^http://10\." internal_ref=true
     <FilesMatch ".(gif|jpg|png)">
     	Order Allow,Deny
	    Allow from env=local_ref
	    Allow from env=internal_ref

As near as I can tell from the logs, MSIE and Safari are not sending  
the referer, but "-".

Any ideas?

Many thanks, Tim

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message