You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Brian Behlendorf <br...@organic.com> on 1996/11/17 23:41:46 UTC
along with satisfy, there's "referer" and "OnDeny" - ugh!
http://hoohoo.ncsa.uiuc.edu/docs/setup/access/Overview.html
Lists two *other* directives within <Limit> which we'd need to support to claim
"full" NCSA-1.5 compatibility: "referer" and "ondeny":
[referer]
The purpose of the referer directive is to force users to enter a document
from a specified path, instead of jumping in at random. It allows the
webmaster to specify an exact match or wildcard expression to match the
Referer: HTTP header. See the new OnDeny directive as a way to send the
browser to the correct entry point. Note: This is not perfect. There is
nothing to prevent a user from accessing the directory if they are able to
modify the Referer: header that is sent with their browser.
[ondeny]
The purpose of the OnDeny directive is to provide for non-HTTP based access
control, such as via the referer directive. It causes a browser which fails
the Limit to go to a specified URL.
Ugh!! Both directives' functionalities could be accomplished with a
combination of other Apache directives - if our goal is to claim complete NCSA
1.5 compatibility, we should articulate how to do that.
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com www.apache.org hyperreal.com http://www.organic.com/JOBS