You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ni...@apache.org on 2012/02/01 16:40:03 UTC

svn commit: r1239174 - /httpd/httpd/trunk/docs/manual/mod/core.xml

Author: niq
Date: Wed Feb  1 15:40:03 2012
New Revision: 1239174

URL: http://svn.apache.org/viewvc?rev=1239174&view=rev
Log:
Document AllowOverride Nonfatal option

Modified:
    httpd/httpd/trunk/docs/manual/mod/core.xml

Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=1239174&r1=1239173&r2=1239174&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/core.xml Wed Feb  1 15:40:03 2012
@@ -413,10 +413,29 @@ NoDecode option available in 2.3.12 and 
       module="mod_authz_host">Deny</directive> and <directive
       module="mod_authz_host">Order</directive>).</dd>
 
-      <dt>Nonfatal</dt>
+      <dt>Nonfatal=[Override|Unknown|All]</dt>
 
       <dd>
-      Allow use of AllowOverride option to treat syntax errors in .htaccess as non-fatal.</dd>
+      Allow use of AllowOverride option to treat syntax errors in
+      .htaccess as non-fatal: instead of causing an Internal Server
+      Error, disallowed or unrecognised directives will be ignored
+      and a warning logged:
+      <ul>
+          <li><strong>Nonfatal=Override</strong> treats directives
+              forbidden by AllowOverride as non-fatal.</li>
+          <li><strong>Nonfatal=Unknown</strong> treats unknown directives
+              as non-fatal.  This covers typos and directives implemented
+              by a module that's not present.</li>
+          <li><strong>Nonfatal=All</strong> treats both the above as non-fatal.</li>
+      </ul>
+      <p>Note that a syntax error in a valid directive will still cause
+      an internal server error.</p>
+      <note class="warning"><title>Security</title>
+          Nonfatal errors may have security implications for .htaccess users.
+          For example, if AllowOverride disallows AuthConfig, users'
+          configuration designed to restrict access to a site will be disabled.
+      </note>
+      </dd>
 
       <dt>Options[=<var>Option</var>,...]</dt>