www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Faisal Nasim <swift...@bigfoot.com>
Subject general/2451: .htaccess bug!
Date Tue, 16 Jun 1998 06:15:29 GMT

>Number:         2451
>Category:       general
>Synopsis:       .htaccess bug!
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Mon Jun 15 23:20:00 PDT 1998
>Originator:     swiftkid@bigfoot.com
>Release:        1.3b6
Windows 95
There is a bug with .htaccess file.
If I set few parameters, such as
DirectoryIndex xyz.cgi
but don't set the authorization AuthType etc.
The .htaccess is viewable by the browser,
that is, going to http://localhost/.htaccess display the .htaccess file.
And i don't think this file should be displayed publicily.

Please take notice to this problem.
Set the server not to return the file which is same name as
the AccessFileName configuaration directive.
[In order for any reply to be added to the PR database, ]
[you need to include <apbugs@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]

View raw message