You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Phil Endecott <sp...@chezphil.org> on 2005/11/17 00:38:02 UTC

[users@httpd] Add header when access is denied

Dear List,

According to the docs for mod_headers you can arange for the header to
be added either for sucessful requests only, or for all requests.  But
it seems to me that the "always" case doesn't really mean always, as the
header is not added when access has been denied.

Here's my particular example:

   Header always append Vary X-moz
   SetEnvIfNoCase X-moz prefetch prefetch
   Order allow,deny
   allow from all
   deny from env=prefetch

I'm trying to put a "Vary: X-moz" header in all responses.  Requests
that have "X-moz: prefetch" are denied.

The Vary: does get added when the request is sucessful:

$ wget -S (URL)
--23:07:19--
            => `index.html'
HTTP request sent, awaiting response...
  1 HTTP/1.1 200 OK
  2 Date: Wed, 16 Nov 2005 23:07:19 GMT
  3 Server: Apache/2.0
  4 Vary: X-moz,Accept-Encoding
  5 Last-Modified: Tue, 01 Nov 2005 18:40:18 GMT
  6 ETag: "64023-1b78-498d4880"
  7 Accept-Ranges: bytes
  8 Content-Length: 7032
  9 Keep-Alive: timeout=15, max=100
10 Connection: Keep-Alive
11 Content-Type: text/html

100%[====================================>] 7,032         --.--K/s


But when the request fails, it is not added:

$ wget --header="X-moz: prefetch" -S (URL)
--23:08:13--
            => `index.html.1'
HTTP request sent, awaiting response...
  1 HTTP/1.1 403 Forbidden
  2 Date: Wed, 16 Nov 2005 23:08:13 GMT
  3 Server: Apache/2.0
  4 Vary: accept-language,accept-charset
  5 Accept-Ranges: bytes
  6 Connection: close
  7 Content-Type: text/html; charset=iso-8859-1
  8 Content-Language: en
  9 Expires: Wed, 16 Nov 2005 23:08:13 GMT
23:08:13 ERROR 403: Forbidden.

This is with 2.0.54.

Is this the expected behaviour?  Is there anything I can do about it?

Cheers,
--Phil.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Add header when access is denied

Posted by Joshua Slive <js...@gmail.com>.

On 11/16/05, Phil Endecott <sp...@chezphil.org> wrote:
> Dear List,
>
> According to the docs for mod_headers you can arange for the header to
> be added either for sucessful requests only, or for all requests.  But
> it seems to me that the "always" case doesn't really mean always, as the
> header is not added when access has been denied.

It appears that you are using the multi-lingual error messages.  What
happens if you use the standard internal error messages or just a
ErrorDocument 403 "Not allowed"

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org