You are viewing a plain text version of this content. The canonical link for it is here.
Posted to docs@httpd.apache.org by Eric Covener <co...@gmail.com> on 2016/04/01 15:48:17 UTC
Re: svn commit: r1737382 - /httpd/httpd/trunk/docs/manual/mod/core.xml
I am -0.9 on this info in the manual, for a relatively low severity bug.
On Fri, Apr 1, 2016 at 9:31 AM, <el...@apache.org> wrote:
> Author: elukey
> Date: Fri Apr 1 13:31:28 2016
> New Revision: 1737382
>
> URL: http://svn.apache.org/viewvc?rev=1737382&view=rev
> Log:
> Added warning for AllowOverrideList None in the mod-core doc (PR 58528)
>
> Modified:
> httpd/httpd/trunk/docs/manual/mod/core.xml
>
> Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=1737382&r1=1737381&r2=1737382&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
> +++ httpd/httpd/trunk/docs/manual/mod/core.xml Fri Apr 1 13:31:28 2016
> @@ -328,6 +328,14 @@ NoDecode option available in 2.3.12 and
> completely ignored. In this case, the server will not even attempt
> to read <code>.htaccess</code> files in the filesystem.</p>
>
> + <note><title>AllowOverrideList bug in versions <= 2.4.18</title>
> + <p><directive module="core">AllowOverrideList</directive> will not prevent
> + .htaccess files processing when explicitly set with None in httpd versions <= 2.4.18 due to a
> + <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=58528">bug</a>.
> + Set only <directive module="core">AllowOverride</directive> to None as workaround if
> + you are unable to upgrade to httpd > 2.4.18</p>
> + </note>
> +
> <p>When this directive is set to <code>All</code>, then any
> directive which has the .htaccess <a
> href="directive-dict.html#Context">Context</a> is allowed in
> @@ -520,6 +528,14 @@ AllowOverride AuthConfig Indexes
> ignored. In this case, the server will not even attempt to read
> <code>.htaccess</code> files in the filesystem.</p>
>
> + <note><title>AllowOverrideList bug in versions <= 2.4.18</title>
> + <p><directive module="core">AllowOverrideList</directive> will not prevent
> + .htaccess files processing when explicitly set with None in httpd versions <= 2.4.18 due to a
> + <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=58528">bug</a>.
> + Set only <directive module="core">AllowOverride</directive> to None as workaround if
> + you are unable to upgrade to httpd > 2.4.18</p>
> + </note>
> +
> <p>Example:</p>
>
> <highlight language="config">
>
>
--
Eric Covener
covener@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org
Re: svn commit: r1737382 - /httpd/httpd/trunk/docs/manual/mod/core.xml
Posted by Luca Toscano <to...@gmail.com>.
2016-04-01 16:32 GMT+02:00 Eric Covener <co...@gmail.com>:
> On Fri, Apr 1, 2016 at 10:05 AM, Luca Toscano <to...@gmail.com>
> wrote:
> > Yep I thought what was best too and decided to commit on trunk to gather
> > some feedback. The Bug is low severity but as stated in users@ the
> > documentation says X and httpd does the opposite, getting people
> confused.
> > IMHO we should advertise directives that are not working properly with
> > specific versions of httpd since most of the people does not read CHANGES
> > and Bugzilla (also they tend to be a bit too dense for whoever is not
> > familiar with httpd development/code), but I don't have also a lot of
> > experience within the project to make a strong argument (plus I still
> need
> > to learn a lot).
>
>
> A potential compromise would be a brief <compatibility> note. Still a
> bit of a fudge. Not sure how I feel about it.
>
Change reverted, will follow your advice to avoid these changes in the
future.
Thanks!
Luca
Re: svn commit: r1737382 - /httpd/httpd/trunk/docs/manual/mod/core.xml
Posted by Luca Toscano <to...@gmail.com>.
2016-04-01 16:32 GMT+02:00 Eric Covener <co...@gmail.com>:
> On Fri, Apr 1, 2016 at 10:05 AM, Luca Toscano <to...@gmail.com>
> wrote:
> > Yep I thought what was best too and decided to commit on trunk to gather
> > some feedback. The Bug is low severity but as stated in users@ the
> > documentation says X and httpd does the opposite, getting people
> confused.
> > IMHO we should advertise directives that are not working properly with
> > specific versions of httpd since most of the people does not read CHANGES
> > and Bugzilla (also they tend to be a bit too dense for whoever is not
> > familiar with httpd development/code), but I don't have also a lot of
> > experience within the project to make a strong argument (plus I still
> need
> > to learn a lot).
>
>
> A potential compromise would be a brief <compatibility> note. Still a
> bit of a fudge. Not sure how I feel about it.
>
Change reverted, will follow your advice to avoid these changes in the
future.
Thanks!
Luca
Re: svn commit: r1737382 - /httpd/httpd/trunk/docs/manual/mod/core.xml
Posted by Eric Covener <co...@gmail.com>.
On Fri, Apr 1, 2016 at 10:05 AM, Luca Toscano <to...@gmail.com> wrote:
> Yep I thought what was best too and decided to commit on trunk to gather
> some feedback. The Bug is low severity but as stated in users@ the
> documentation says X and httpd does the opposite, getting people confused.
> IMHO we should advertise directives that are not working properly with
> specific versions of httpd since most of the people does not read CHANGES
> and Bugzilla (also they tend to be a bit too dense for whoever is not
> familiar with httpd development/code), but I don't have also a lot of
> experience within the project to make a strong argument (plus I still need
> to learn a lot).
A potential compromise would be a brief <compatibility> note. Still a
bit of a fudge. Not sure how I feel about it.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org
Re: svn commit: r1737382 - /httpd/httpd/trunk/docs/manual/mod/core.xml
Posted by Eric Covener <co...@gmail.com>.
On Fri, Apr 1, 2016 at 10:05 AM, Luca Toscano <to...@gmail.com> wrote:
> Yep I thought what was best too and decided to commit on trunk to gather
> some feedback. The Bug is low severity but as stated in users@ the
> documentation says X and httpd does the opposite, getting people confused.
> IMHO we should advertise directives that are not working properly with
> specific versions of httpd since most of the people does not read CHANGES
> and Bugzilla (also they tend to be a bit too dense for whoever is not
> familiar with httpd development/code), but I don't have also a lot of
> experience within the project to make a strong argument (plus I still need
> to learn a lot).
A potential compromise would be a brief <compatibility> note. Still a
bit of a fudge. Not sure how I feel about it.
Re: svn commit: r1737382 - /httpd/httpd/trunk/docs/manual/mod/core.xml
Posted by Luca Toscano <to...@gmail.com>.
Hi Eric and Rüdiger,
2016-04-01 15:59 GMT+02:00 Rüdiger Plüm <r....@gmx.de>:
>
>
> On 04/01/2016 03:48 PM, Eric Covener wrote:
> > I am -0.9 on this info in the manual, for a relatively low severity bug.
>
> +1. We don't do this kind of stuff in the documentation. This is what
> CHANGES and Bugzilla are for.
>
Yep I thought what was best too and decided to commit on trunk to gather
some feedback. The Bug is low severity but as stated in users@ the
documentation says X and httpd does the opposite, getting people confused.
IMHO we should advertise directives that are not working properly with
specific versions of httpd since most of the people does not read CHANGES
and Bugzilla (also they tend to be a bit too dense for whoever is not
familiar with httpd development/code), but I don't have also a lot of
experience within the project to make a strong argument (plus I still need
to learn a lot).
Is there any compromise that we can think of to avoid a misleading
documentation entry like this one?
Thanks!
Luca
Re: svn commit: r1737382 - /httpd/httpd/trunk/docs/manual/mod/core.xml
Posted by Luca Toscano <to...@gmail.com>.
Hi Eric and Rüdiger,
2016-04-01 15:59 GMT+02:00 Rüdiger Plüm <r....@gmx.de>:
>
>
> On 04/01/2016 03:48 PM, Eric Covener wrote:
> > I am -0.9 on this info in the manual, for a relatively low severity bug.
>
> +1. We don't do this kind of stuff in the documentation. This is what
> CHANGES and Bugzilla are for.
>
Yep I thought what was best too and decided to commit on trunk to gather
some feedback. The Bug is low severity but as stated in users@ the
documentation says X and httpd does the opposite, getting people confused.
IMHO we should advertise directives that are not working properly with
specific versions of httpd since most of the people does not read CHANGES
and Bugzilla (also they tend to be a bit too dense for whoever is not
familiar with httpd development/code), but I don't have also a lot of
experience within the project to make a strong argument (plus I still need
to learn a lot).
Is there any compromise that we can think of to avoid a misleading
documentation entry like this one?
Thanks!
Luca
Re: svn commit: r1737382 -
/httpd/httpd/trunk/docs/manual/mod/core.xml
Posted by Rüdiger Plüm <r....@gmx.de>.
On 04/01/2016 03:48 PM, Eric Covener wrote:
> I am -0.9 on this info in the manual, for a relatively low severity bug.
+1. We don't do this kind of stuff in the documentation. This is what CHANGES and Bugzilla are for.
Regards
Rüdiger
>
> On Fri, Apr 1, 2016 at 9:31 AM, <el...@apache.org> wrote:
>> Author: elukey
>> Date: Fri Apr 1 13:31:28 2016
>> New Revision: 1737382
>>
>> URL: http://svn.apache.org/viewvc?rev=1737382&view=rev
>> Log:
>> Added warning for AllowOverrideList None in the mod-core doc (PR 58528)
>>
>> Modified:
>> httpd/httpd/trunk/docs/manual/mod/core.xml
>>
>> Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
>> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=1737382&r1=1737381&r2=1737382&view=diff
>> ==============================================================================
>> --- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
>> +++ httpd/httpd/trunk/docs/manual/mod/core.xml Fri Apr 1 13:31:28 2016
>> @@ -328,6 +328,14 @@ NoDecode option available in 2.3.12 and
>> completely ignored. In this case, the server will not even attempt
>> to read <code>.htaccess</code> files in the filesystem.</p>
>>
>> + <note><title>AllowOverrideList bug in versions <= 2.4.18</title>
>> + <p><directive module="core">AllowOverrideList</directive> will not prevent
>> + .htaccess files processing when explicitly set with None in httpd versions <= 2.4.18 due to a
>> + <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=58528">bug</a>.
>> + Set only <directive module="core">AllowOverride</directive> to None as workaround if
>> + you are unable to upgrade to httpd > 2.4.18</p>
>> + </note>
>> +
>> <p>When this directive is set to <code>All</code>, then any
>> directive which has the .htaccess <a
>> href="directive-dict.html#Context">Context</a> is allowed in
>> @@ -520,6 +528,14 @@ AllowOverride AuthConfig Indexes
>> ignored. In this case, the server will not even attempt to read
>> <code>.htaccess</code> files in the filesystem.</p>
>>
>> + <note><title>AllowOverrideList bug in versions <= 2.4.18</title>
>> + <p><directive module="core">AllowOverrideList</directive> will not prevent
>> + .htaccess files processing when explicitly set with None in httpd versions <= 2.4.18 due to a
>> + <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=58528">bug</a>.
>> + Set only <directive module="core">AllowOverride</directive> to None as workaround if
>> + you are unable to upgrade to httpd > 2.4.18</p>
>> + </note>
>> +
>> <p>Example:</p>
>>
>> <highlight language="config">
>>
>>
>
>
>
Re: svn commit: r1737382 -
/httpd/httpd/trunk/docs/manual/mod/core.xml
Posted by Rüdiger Plüm <r....@gmx.de>.
On 04/01/2016 03:48 PM, Eric Covener wrote:
> I am -0.9 on this info in the manual, for a relatively low severity bug.
+1. We don't do this kind of stuff in the documentation. This is what CHANGES and Bugzilla are for.
Regards
Rüdiger
>
> On Fri, Apr 1, 2016 at 9:31 AM, <el...@apache.org> wrote:
>> Author: elukey
>> Date: Fri Apr 1 13:31:28 2016
>> New Revision: 1737382
>>
>> URL: http://svn.apache.org/viewvc?rev=1737382&view=rev
>> Log:
>> Added warning for AllowOverrideList None in the mod-core doc (PR 58528)
>>
>> Modified:
>> httpd/httpd/trunk/docs/manual/mod/core.xml
>>
>> Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
>> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=1737382&r1=1737381&r2=1737382&view=diff
>> ==============================================================================
>> --- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
>> +++ httpd/httpd/trunk/docs/manual/mod/core.xml Fri Apr 1 13:31:28 2016
>> @@ -328,6 +328,14 @@ NoDecode option available in 2.3.12 and
>> completely ignored. In this case, the server will not even attempt
>> to read <code>.htaccess</code> files in the filesystem.</p>
>>
>> + <note><title>AllowOverrideList bug in versions <= 2.4.18</title>
>> + <p><directive module="core">AllowOverrideList</directive> will not prevent
>> + .htaccess files processing when explicitly set with None in httpd versions <= 2.4.18 due to a
>> + <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=58528">bug</a>.
>> + Set only <directive module="core">AllowOverride</directive> to None as workaround if
>> + you are unable to upgrade to httpd > 2.4.18</p>
>> + </note>
>> +
>> <p>When this directive is set to <code>All</code>, then any
>> directive which has the .htaccess <a
>> href="directive-dict.html#Context">Context</a> is allowed in
>> @@ -520,6 +528,14 @@ AllowOverride AuthConfig Indexes
>> ignored. In this case, the server will not even attempt to read
>> <code>.htaccess</code> files in the filesystem.</p>
>>
>> + <note><title>AllowOverrideList bug in versions <= 2.4.18</title>
>> + <p><directive module="core">AllowOverrideList</directive> will not prevent
>> + .htaccess files processing when explicitly set with None in httpd versions <= 2.4.18 due to a
>> + <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=58528">bug</a>.
>> + Set only <directive module="core">AllowOverride</directive> to None as workaround if
>> + you are unable to upgrade to httpd > 2.4.18</p>
>> + </note>
>> +
>> <p>Example:</p>
>>
>> <highlight language="config">
>>
>>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org