You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Marc Slemko <ma...@znep.com> on 1998/03/16 16:00:01 UTC
Re: config/1941: AllowOverride ignored in and (fwd)
The following reply was made to PR config/1941; it has been noted by GNATS.
From: Marc Slemko <ma...@znep.com>
To: Apache bugs database <ap...@apache.org>
Cc: Subject: Re: config/1941: AllowOverride ignored in <Directory ~ pattern> and <DirectoryMatch pattern> (fwd)
Date: Mon, 16 Mar 1998 07:50:39 -0700 (MST)
---------- Forwarded message ----------
Date: Mon, 16 Mar 1998 11:56:34 +0000
From: Mike Brudenell <pm...@york.ac.uk>
To: marc@hyperreal.org
Cc: apache-bugdb@apache.org, marc@apache.org
Subject: Re: config/1941: AllowOverride ignored in <Directory ~ pattern> and <DirectoryMatch pattern>
Hello!
--On Fri, Mar 13, 1998 7:04 pm +0000 marc@hyperreal.org wrote:
> Synopsis: AllowOverride ignored in <Directory ~ pattern> and
<DirectoryMatch pattern>
>
> State-Changed-From-To: open-analyzed
> State-Changed-By: marc
> State-Changed-When: Fri Mar 13 11:04:30 PST 1998
> State-Changed-Why:
> What happens if you change your htaccess to have _just_
> an "allow from all" line, ie. no <files ...>?
Changing the .htaccess to just:
Allow from all
makes no difference; access is still denied.
Please forgive me for asking, but are you sure this _should_ work? I ask
because of the following...
0. If I alter the server's access.conf file to:
<Directory />
Allow from all
AllowOverride Limit
</Directory>
<DirectoryMatch "^/htdocs/.*\.ltd">
Deny from all
</DirectoryMatch>
in order to allow directories' .htaccess files to override the server's
settings. Then...
1. If the /htdocs/physics/secret.ltd/.htaccess file contains:
<FilesMatch *>
Allow from all
</FilesMatch>
access IS (correctly) allowed (because the .htaccess file's "Allow"
is overriding the "Deny" established by the pattern in the access.conf
file).
2. BUT if I then alter the .htaccess file to just:
Allow from all
then access is no longer allowed. This seems to suggest that it is now
syntactically wrong and is being ignored?
[When I originally tried (2) I assumed that this was because Allow/Deny had
to be within a <Files> or <FilesMatch> block for an area's .htaccess file.
But your question now makes me wonder whether I was wrong in assuming this.
If it _should_ work then there may be a problem as it doesn't seem to!]
There seems to be another funny which may or may not be related (I asked
this on comp.infosystems.www.servers.unix last week but no-one there has yet
replied)...
If I set up the (1) environment above again, ie:
* Server's access.conf includes:
<Directory />
Allow from all
AllowOverride Limit
</Directory>
<DirectoryMatch "^/htdocs/.*\.ltd">
Deny from all
</DirectoryMatch>
* And the /htdocs/physics/secret.ltd/.htaccess is:
<FilesMatch *>
Allow from all
</FilesMatch>
Then, as expected, requests for documents in the area are satisfied.
And if I change the first block of the above access.conf file to:
<Directory />
Allow from all
AllowOverride None
</Directory>
then again, as expected, requests are now _denied_ (because the server does
not allow the .htaccess file to override the Allow/Deny directives)..
HOWEVER... if I now change the first block of the above access.conf file to:
<Directory />
Allow from all
AllowOverrides Indexes
</Directory>
I would *expect* requests to still be denied (after all the ability of an
.htaccess file to override the "Indexes" category of directives shouldn't
have any effect on being able to override Allow/Deny, which are part of the
"Limit" category).
However in actual fact this DOES let requests be satisfied!
This, along with my main report, makes me think there is something Really
Funny happening in the parsing or processing of the AllowOverride directive
in Apache 1.3b5 (also present in 1.3b3).
Do please feel free to let me know if you want any more information, or for
me to try anything else.
Cheers,
Mike Brudenell
--
The Computing Service, University of York, Heslington, York, YO1 5DD, UK
Tel: +44-1904-433811 FAX: +44-1904-433740 http://www.york.ac.uk/~pmb1/
* Unsolicited commercial e-mail is NOT welcome at this e-mail address. *