You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2005/11/03 16:34:13 UTC
svn commit: r330568 - /httpd/httpd/branches/2.2.x/STATUS
Author: colm
Date: Thu Nov 3 07:34:09 2005
New Revision: 330568
URL: http://svn.apache.org/viewcvs?rev=330568&view=rev
Log:
Move the mod_cache + mod_authz_host problem to being a non-showstopper.
Modified:
httpd/httpd/branches/2.2.x/STATUS
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.2.x/STATUS?rev=330568&r1=330567&r2=330568&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Thu Nov 3 07:34:09 2005
@@ -72,24 +72,6 @@
implementation (you have suggested that) and once 2.2 is
released you can't do that anymore.
- * mod_cache currently trumps mod_authz_host. When serving local content,
- the directives: "Allow from 10.0.0.0/8\nDeny from all" become
- meaningless, as any content cached will be served to any IP address.
- Potential solutions:
- i. mod_cache can be modified to (or be able to) run as a normal
- handler (ie after the map to storage hook has been run) (presently
- vetoed)
- ii. mod_cache can be modified to run the map to storage hook.
- iii. mod_authz_host needs to be re-designed to issue "Vary: *" or
- or set r->no_cache for content like this which should not be
- cached. However figuring out the situation in which there is an
- "Allow from all" tautalogy is non-trivial and error-prone due to
- a) The common "Allow from all" which is set in all previously
- shipped default configs and b) if an admin adds a Deny while an
- entity is cached, it would have no effect.
- References:
- http://mail-archives.apache.org/mod_mbox/httpd-dev/200510.mbox/%3c20051006204601.GA6619@stdlib.net%3e
-
CURRENT VOTES:
* httpd-std.conf and friends
@@ -146,6 +128,23 @@
RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
+
+ * mod_cache currently trumps mod_authz_host. When serving local content,
+ the directives: "Allow from 10.0.0.0/8\nDeny from all" become
+ meaningless, as any content cached will be served to any IP address.
+ Potential solutions:
+ i. mod_cache can be modified to (or be able to) run as a normal
+ handler (ie after the map to storage hook has been run)
+ ii. mod_cache can be modified to run the map to storage hook.
+ iii. mod_authz_host needs to be re-designed to issue "Vary: *" or
+ or set r->no_cache for content like this which should not be
+ cached. However figuring out the situation in which there is an
+ "Allow from all" tautalogy is non-trivial and error-prone due to
+ a) The common "Allow from all" which is set in all previously
+ shipped default configs and b) if an admin adds a Deny while an
+ entity is cached, it would have no effect.
+ References:
+ http://mail-archives.apache.org/mod_mbox/httpd-dev/200510.mbox/%3c20051006204601.GA6619@stdlib.net%3e
* Patches submitted to the bug database:
http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2.0&keywords=PatchAvailable