You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Sander Striker <st...@apache.org> on 2002/03/12 10:08:12 UTC
Code questions (server/request.c)
Hi,
As a general note on this file: there seems to be a lot of codedup in
here. Specifically the loc/dir walk caching stuff. Couldn't this
be factored out a bit, possibly using an APR_INLINEd function?
server/request.c:1126
/* It seems this shouldn't be needed anymore. We translated the
x symlink above into a real resource, and should have died up there.
x Even if we keep this, it needs more thought (maybe an r->file_is_symlink)
x perhaps it should actually happen in file_walk, so we catch more
x obscure cases in autoindex sub requests, etc.
x
x * Symlink permissions are determined by the parent. If the request is
x * for a directory then applying the symlink test here would use the
x * permissions of the directory as opposed to its parent. Consider a
x * symlink pointing to a dir with a .htaccess disallowing symlinks. If
x * you access /symlink (or /symlink/) you would get a 403 without this
x * APR_DIR test. But if you accessed /symlink/index.html, for example,
x * you would *not* get the 403.
x
x if (r->finfo.filetype != APR_DIR
x && (res = resolve_symlink(r->filename, r->info, ap_allow_options(r),
x r->pool))) {
x ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
x "Symbolic link not allowed: %s", r->filename);
x return res;
x }
*/
Status?
Sander