You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Dean Gaudet <dg...@arctic.org> on 1997/07/24 07:44:06 UTC
[PATCH] ugh, my cern_meta patch sucks
[Wed Jul 23 22:34:23 1997] access to /home/dgaudet/.web failed for
neon-best.transmeta.com, reason: Client denied by server configuration
If I access www.arctic.org/~dgaudet, without the trailing slash, I get
that error in the error_log, right before it does the redirect.
That's because of the subrequest that I added to mod_cern_meta to work
around the security problem of serving meta files which are symlinks.
mod_cern_meta contains this little tidbit:
/* does uri end in a trailing slash? */
if ( r->uri[strlen(r->uri) - 1] == '/' ) {
return DECLINED;
};
It probably should additionally check S_ISDIR (r->finfo.st_mode).
It tests out fine... but again I'm left wondering if the subrequest thing
was a bad idea.
This is for 1.3 and 1.2.2.
Dean
Index: mod_cern_meta.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_cern_meta.c,v
retrieving revision 1.14
diff -u -r1.14 mod_cern_meta.c
--- mod_cern_meta.c 1997/07/17 22:27:34 1.14
+++ mod_cern_meta.c 1997/07/24 05:43:50
@@ -254,7 +254,7 @@
};
/* does uri end in a trailing slash? */
- if ( r->uri[strlen(r->uri) - 1] == '/' ) {
+ if (S_ISDIR(r->finfo.st_mode) || r->uri[strlen(r->uri) - 1] == '/') {
return DECLINED;
};