>Number: 3244 >Category: config >Synopsis: Inability to customize error 500 >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Mon Oct 19 10:30:00 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.3 >Environment: N/A >Description: If in an htaccess file you have the line: ErrorDocument 403 /Errors/Forbidden.html And in a subdirectory of where that htaccess file is present, you create a directory that is chmod'd such that it is not world read (example: chmod 700), the ErrorDocument 403 is NOT read in and the default is used.
PR #2409 disregards this example saying, "Submitter says ... isn't a problem after all", but it is. Didn't want this case to be forgotten about. >How-To-Repeat: create an htaccess file with the line: ErrorDocument 403 "Customized Forbidden Error Message then create a subdirectory under that parent directory that contains that htaccess file and chmod the directory to something like 700 When that directory is tried to access from the web, the default standard forbidden error message is used, not the custom one from ErrorDocument >Fix: Similar to the fix in PR#2409, they are quite similar, I am unable to test if the fixed PR Report #2409, will fix this PR Report as well. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
