You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Tim Oaks <ti...@otago.ac.nz> on 2000/12/07 02:47:51 UTC
general/6940: Regular expressions in .htaccess files do not work as expected.
>Number: 6940
>Category: general
>Synopsis: Regular expressions in .htaccess files do not work as expected.
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Dec 06 17:50:01 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: tim.oaks@otago.ac.nz
>Release: 1.3.12 and 1.3.14
>Organization:
apache
>Environment:
OS: Tru64 UNIX 4.0F, gcc version 2.95.2 OSF1 celeborn.otago.ac.nz V4.0 1229 alpha
>Description:
I have checked the news groups, I came across the exact problem with no reply on deja news
dated 27/07/2000
Basically I'm trying to restrict access to files in a directory and sub-directories below using a .htaccess file
with the <FilesMatch> directive and regular expressions.
It seems that if there are more than 3 alternatives in a regular expression separated by | then either access control fails completely - these is no block
or there is a total block.
Here's the content of my .htaccess file.
<FilesMatch "(geog.html|pequod|\.gif)">
AuthName "geography"
AuthType Basic
AuthUserFile /WWW/configs/intranet/conf/wwwusers
AuthGroupFile /WWW/configs/intranet/conf/wwwgroups
require group geog
order allow,deny
allow from 139.80.64 139.80.76 139.80.28
deny from 139.80.64.4
satisfy any
</FilesMatch>
The above construct works. If I come in from an allowed IP 139.80.28.*, then I can see pages geog.html, gifs/*.gif and html/pequod*
If I add an extra alternative such as the following
# does not work <FilesMatch "(geog|hyper|pequod).*|\.gif">
It does not work.
The following do or do not work as marked.
# works <FilesMatch "geog.html|hyper.*|\.gif">
# works <FilesMatch "(geog|hyper).*|\.gif">
# works <FilesMatch "geog.html|pequod.*|\.gif">
# does not work <FilesMatch "geog.html|pequod.*|hyperperth.*|\.gif">
# does not work <FilesMatch "geog.html|hyperperth.*|\.gif">
# works <FilesMatch "geog.html|\.gif">
# works <FilesMatch "geog.html|hyper.*|\.gif">
The error message reported at my netscape browser is
Forbidden - you dont have access to access geog.html on this server, and a similar message in the error log
[Thu Dec 7 14:40:56 2000] [error] [client 139.80.28.37] client denied by server
configuration: /WWW/intranet/bb/geog.html
Thanks for your help.
Regards Tim Oaks
>How-To-Repeat:
If you need it, I can put one of your IP's into the range of allowed IP's so you can see the problem.
>Fix:
No.
>Release-Note:
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, you need]
[to include <ap...@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or ]
["Re: general/1098:"). If the subject doesn't match this ]
[pattern, your message will be misfiled and ignored. The ]
["apbugs" address is not added to the Cc line of messages from ]
[the database automatically because of the potential for mail ]
[loops. If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request from a ]
[developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]