www-apache-bugdb mailing list archives

From Marc Slemko <ma...@znep.com>
Subject Re: pending/2617: Protecting <APPLET> with mod_access and mod_setenvif
Date Wed, 15 Jul 1998 00:40:01 GMT
The following reply was made to PR pending/2617; it has been noted by GNATS.

From: Marc Slemko <marcs@znep.com>
To: Patrick A Linstruth <patrick@QNET.COM>
Cc: apbugs@hyperreal.org
Subject: Re: pending/2617: Protecting <APPLET> with mod_access and mod_setenvif
Date: Tue, 14 Jul 1998 17:37:56 -0700 (PDT)

 On Tue, 14 Jul 1998, Patrick A Linstruth wrote:
 
 > 
 > That's what we want to block; other servers from accessing our Java code.
 > We are going to have a membership-based site and want to make sure
 > that the world can only access our site and java applets through
 > pre-determined channels.
 > 
 > We only want Apache to allow access to /java/ if it's coming from our
 > server.
 > 
 > This is working as far as references to .html documents in the directory.
 > If the referer is "www.laromance.com" it sends the document.  If it's not
 > from us, it rejects it.  The server is ALWAYS rejecting the <APPLET>
 > tag, regardless of whether it came from our server or not.
 
 Oh.  That isn't what the logs you showed me showed.  They showed a 200
 response, i.e. not any sort of access denied.
 
 > 
 > I don't know if this is a bug, or a feature.  The documentation does not
 > make it clear to me.  From my understanding of the modules, this is a good
 > way to protect our java applets and should work.
 
 This is almost certainly not Apache's fault.  It doesn't know or care
 about class files.  What I'm guessing that you are running into is some
 clients not sending a referer header when they load applets.  Not much
 Apache can do about that; if it doesn't send the header, it doesn't send
 it.  
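
Added example, not part of the original message or of Apache: a small log check for the situation guessed at above, where a client fetches an applet without sending a Referer header and a Referer-based rule rejects it. The log lines, the `Chat.class` name, the addresses and the combined log format are constructed assumptions; only the `/java/` path and the `www.laromance.com` host come from the thread.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Apache combined log format:
# host ident user [time] "request" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Constructed sample lines (not taken from the original bug report).
SAMPLE_LOG = """\
192.0.2.10 - - [14/Jul/1998:17:01:02 -0700] "GET /java/index.html HTTP/1.0" 200 1432 "http://www.laromance.com/" "Mozilla/4.05 [en] (Win95; I)"
192.0.2.10 - - [14/Jul/1998:17:01:03 -0700] "GET /java/Chat.class HTTP/1.0" 403 210 "-" "Mozilla/4.05 [en] (Win95; I)"
198.51.100.7 - - [14/Jul/1998:17:05:40 -0700] "GET /java/Chat.class HTTP/1.0" 403 210 "http://other.example/page.html" "Mozilla/3.01 (X11; I)"
192.0.2.22 - - [14/Jul/1998:17:09:11 -0700] "GET /java/Chat.class HTTP/1.0" 403 210 "" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"
203.0.113.5 - - [14/Jul/1998:17:10:00 -0700] "GET /index.html HTTP/1.0" 200 900 "-" "Mozilla/4.05 [en] (Win95; I)"
"""

def classify(referer, trusted_host):
    """Bucket a logged Referer value: missing, trusted (our host) or foreign."""
    if referer in ("", "-"):          # Apache logs "-" when the header is absent
        return "missing"
    host = urlsplit(referer).hostname or ""
    return "trusted" if host == trusted_host else "foreign"

def records(log_text, prefix, trusted_host):
    """Yield (referer_class, status, user_agent) for requests under prefix."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("path").startswith(prefix):
            yield (classify(m.group("referer"), trusted_host),
                   int(m.group("status")), m.group("agent"))

def summarize(log_text, prefix="/java/", trusted_host="www.laromance.com"):
    """Count requests per (referer_class, status) so denials can be attributed."""
    return Counter((kind, status)
                   for kind, status, _ in records(log_text, prefix, trusted_host))

def agents_omitting_referer(log_text, prefix="/java/",
                            trusted_host="www.laromance.com"):
    """User agents that were denied (403) while sending no Referer at all."""
    return sorted({agent for kind, status, agent
                   in records(log_text, prefix, trusted_host)
                   if kind == "missing" and status == 403})

if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE_LOG).items()):
        print(key, n)
    print(agents_omitting_referer(SAMPLE_LOG))
```

A high count in the `("missing", 403)` bucket from browsers that also appear in `("trusted", 200)` points at clients dropping the header on applet loads rather than at requests from another site.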
 
