www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject Re: config/3033: module execution order
Date Wed, 23 Sep 1998 16:10:00 GMT
The following reply was made to PR config/3033; it has been noted by GNATS.

From: Marc Slemko <marcs@znep.com>
To: Randy Jae Weinstein <rw263@is7.nyu.edu>
Cc: apbugs@apache.org
Subject: Re: config/3033: module execution order
Date: Wed, 23 Sep 1998 09:05:58 -0700 (PDT)

 On Wed, 23 Sep 1998, Randy Jae Weinstein wrote:
 > > information.  If someone restricts access to an area, they
 > > have restricted access to the area.  You have to access that
 > > area to get "information" (in this case, a redirect), so
 > > you require auth.
 > > 
 > However, if redirect is carried out first, then the user may not even be
 > in the authentication realm! Even if redirect is executed first, the
 > authentication information would _still_ be carried out and one would not
 > sacrifice any restricted information.
 Erm... no.  You are missing the point.  The redirect itself could be the
 restricted information.
 > > As for executing things "in the order they appear in htaccess
 > > files", this makes no sense and is completely unsupportable.
 > > It may sound nice, but if you actually think about how it would
 > > work it would be very ugly.
 > >
 > this would be the best of both worlds, solving both problems. True it
 > might get ugly under the current way apache is done, but maybe for 2.0 it
 > wouldn't be. Atleast suspend the report so the idea isn't lost?
 No, it just doesn't make sense period.  You can't just execute modules in
 some arbitrary order that you try to make up bsaed on the order in the
 htaccess file.  That would be a horrible nightmare to maintain or debug.
 It really doesn't do anything to have a bunch of suspended PRs around that
 aren't going to get addressed because they don't make sense...

View raw message