Return-Path: Delivered-To: apmail-httpd-modules-dev-archive@minotaur.apache.org Received: (qmail 17084 invoked from network); 3 Jan 2011 23:38:29 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 3 Jan 2011 23:38:29 -0000 Received: (qmail 55512 invoked by uid 500); 3 Jan 2011 23:38:29 -0000 Delivered-To: apmail-httpd-modules-dev-archive@httpd.apache.org Received: (qmail 55487 invoked by uid 500); 3 Jan 2011 23:38:29 -0000 Mailing-List: contact modules-dev-help@httpd.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: modules-dev@httpd.apache.org Delivered-To: mailing list modules-dev@httpd.apache.org Received: (qmail 55477 invoked by uid 99); 3 Jan 2011 23:38:29 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Jan 2011 23:38:29 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=10.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of info@bnoordhuis.nl designates 209.85.213.173 as permitted sender) Received: from [209.85.213.173] (HELO mail-yx0-f173.google.com) (209.85.213.173) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Jan 2011 23:38:21 +0000 Received: by yxl31 with SMTP id 31so6684855yxl.18 for ; Mon, 03 Jan 2011 15:38:00 -0800 (PST) MIME-Version: 1.0 Received: by 10.236.109.7 with SMTP id r7mr5828839yhg.75.1294097880666; Mon, 03 Jan 2011 15:38:00 -0800 (PST) Received: by 10.236.110.3 with HTTP; Mon, 3 Jan 2011 15:38:00 -0800 (PST) X-Originating-IP: [87.214.96.125] In-Reply-To: References: Date: Tue, 4 Jan 2011 00:38:00 +0100 Message-ID: Subject: Re: Overriding mod_rewrite from another module From: Ben Noordhuis To: modules-dev@httpd.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Mon, Jan 3, 2011 at 23:19, Joshua Marantz wrote: > My goal is not to remove authentication from the server; only from messin= g > with my module's rewritten resource. =A0The above statement is just obser= ving > that, while it's possible to shunt off mod_rewrite by returning OK from a= n > upstream handler, the same is not true of mod_authz_host because it's > invoked with a different magic macro. My bad, I parsed your post as 'mod_authz_host is a core module and cannot be removed' which is obviously false but not what you meant. Yes, all auth_checker hooks are run. You can't prevent it but you can catch the 403 on the rebound and complain loudly in the logs. Actually, that's a lie. You can prevent it and that might also answer this next bit... > There may exist some buffer in Apache that's 8k. =A0But I have traced thr= ough > failing requests earlier that were more like 256 bytes. =A0This was repor= ted > as mod_pagespeed Issue > 9 and > resolved by limiting the number of css files that could be combined toget= her > so that we did not exceed the pathname limitations. =A0I'm pretty sure it= was > due to some built-in filter or core element in httpd trying to map the UR= L > to a filename (which is not necessary as far as mod_pagespeed is concerne= d) > and bumping into an OS path limitation (showing up as 403 Forbidden). This might be the doing of core_map_to_storage(). Never run into it myself (with URLs up to 4K, anyway) but there you go. Okay, here is a dirty secret: if you hook map_to_storage and return DONE, you bypass Apache's authentication stack - and nearly all other hooks too. Probably an exceedingly bad idea. You can however use it to prevent core_map_to_storage() from running. Just return OK and you're set. > I'm still interested in your opinion on my solution where I (inspired by > your hack) save the original URL in request->notes and then use *that* in= my > resource handler in lieu of request->unparsed_uri. =A0This change is now > committed to svn trunk (but not released in a formal patch) as > http://code.google.com/p/modpagespeed/source/detail?r=3D348 . Sounds fine, that's the kind of stuff request notes are for.