On Win32, Options * yields a 403 for 1.3.9 through cvs head,
probably prior to 1.3.9, also. The request is declared
malformed by ap_os_is_filename_valid. On Unix flavors,
which don't make use of this function, the correct response
is returned.
It seems to me best to make a special case for this request
in directorywalk. If I receive no negative feedback I will
commit this to 1.3.
Thanks,
Keith
Index: http_request.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/main/http_request.c,v
retrieving revision 1.162
diff -u -r1.162 http_request.c
--- http_request.c 2001/03/09 10:10:27 1.162
+++ http_request.c 2001/11/14 19:26:12
@@ -417,7 +417,8 @@
ap_no2slash(test_filename);
num_dirs = ap_count_dirs(test_filename);
- if (!ap_os_is_filename_valid(r->filename)) {
+ if (!ap_os_is_filename_valid(r->filename) &&
+ !(r->method_number == M_OPTIONS && !strcmp(r->uri, "*"))) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
"Filename is not valid: %s", r->filename);
return HTTP_FORBIDDEN;
