DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40217>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40217 ------- Additional Comments From [EMAIL PROTECTED] 2006-08-10 14:39 ------- [collision with joshua] I completely agree with Ruediger that the correct behaviour should be to reveal the existence/non-existence of a resource by name in mod_dav. mod_dav does not however apply any access control checks during a PROPFIND walk, which is certainly a bug: you can do a Depth: infinity walk straight through protected areas, and discover properties of protected resources in a Depth: 1 even if infinity is disabled. Fixing this was somewhat more complicated that just adding a subreq call in the walker because of the error handling IIRC from working on this for mod_dav 1.0. Returning simply a name in a 200 propstat for protected resources is probably correct; not sure how DAV clients will react to such resources though. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
