You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2004/05/31 16:36:14 UTC
DO NOT REPLY [Bug 29310] New: -
Allowing only some options in .htaccess
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=29310>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=29310
Allowing only some options in .htaccess
Summary: Allowing only some options in .htaccess
Product: Apache httpd-2.0
Version: 2.0.49
Platform: All
URL: http://dev.cs.huji.ac.il/~alsbergt/hacks/httpd-2.0.49-
overrideopts.diff
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Other
Component: Core
AssignedTo: bugs@httpd.apache.org
ReportedBy: alsbergt-apache@cs.huji.ac.il
CC: alsbergt-apache@cs.huji.ac.il
In the URL noted is a patch I wrote to add an option "AllowOverrideOpts" to the
directory context, which will specify which options are allowed to be overriden
in .htaccess files (using AllowOverride you can only specify whether options may
be overridden). That's useful for us, for example, since globally Indexes are
disabled, but if someone wishes to, he can enable Indexes for his web page (and
subdirectories) or whatever, while we don't want to let people change other options.
This patch might not be fully complete or up to the Apache conventions, but I
tried to write it as clean as possible given the time I have. Please tell me if
there are problems with it. In the patch there is also very short documentation
for this option.
I only tested, with version 2.0.49, on FreeBSD 4.9, that without that option the
default (previous) behaviour is still used (All), and that specifying it has the
desired effect of only allowing those options to be overridden. Perhaps there
are other things to test with it.
I'd be glad to have this patch (or a variant of it) integrated, to save us from
further patching of new versions, and so it might be useful to others as well.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org