Status update:
Cliff has committed the fix,
I've have committed the new test.
So I guess this issue is closed now.
On Tue, 5 Feb 2002, Stas Bekman wrote:
> William A. Rowe, Jr. wrote:
>
> > From: "Stas Bekman" <[EMAIL PROTECTED]>
> > Sent: Monday, February 04, 2002 11:18 PM
> >
> >
> >
> >>>>I think it's a bug. The sub-directory can be password-protected. Does it
> >>>>mean that mod_autoindex won't display it, since it'll fail to run the
> >>>>sub-request?
> >>>>
> >>>>
> >>>By design, for better or worse [feel free to debate here.]
> >>>
> >>>The new logic [perhaps 1.3 as well, you would have to look] does a subrequest
> >>>on the /~stas/ url ... and decides it's broken [or inaccessable, or whatever]
> >>>and autoindex won't display it. What's broken about not displaying things that
> >>>the user cannot access?
> >>>
> >>I gave an example of a password protected sub-directory. You say that
> >>it's correct not to display it then? How do you know whether the user
> >>cannot access this directory? May be he does have the needed access
> >>credentials.
> >>
> >
> > Fair enough - we can rescope the rules. Right now 200s and 300s pass. The test
> > is right there in autoindex if you would like to change it.
> >
> > Personally, I never want to see 500'ed resources return OK ;-/
>
>
> agreed, but auth required is not 500 ;)
>
> Here is the new test, I figured trying to add this to the existing
> autoindex would be a hard thing to do, since so I simply wrote a new
> test and called it autoindex2.t.
>
> Currently 2 sub-tests pass
>
> - normal dir is listed
> - broken is not
>
> And 1 sub-test that doesn't pass:
>
> - passwd protected dir should be listed!
>
> I'm also not sure about the following: error_log says:
>
> [Tue Feb 05 16:09:57 2002] [alert] [client 127.0.0.1]
>
>/home/stas/apache.org/httpd-test/perl-framework/t/htdocs/modules/autoindex2/dir_broken/.htaccess:
>
> Invalid command 'This_is_a_broken_on_purpose_.htaccess_file', perhaps
> mis-spelled or defined by a module not included in the server configuration
>
> but there is no parallel log in access_log to dir_broken. So it may
> puzzle those who will try to figure out when the error was triggerred.
> But may be it's OK. I don't know.
>
>
> Index: t/conf/extra.conf.in
> ===================================================================
> RCS file: /home/cvs/httpd-test/perl-framework/t/conf/extra.conf.in,v
> retrieving revision 1.33
> diff -u -r1.33 extra.conf.in
> --- t/conf/extra.conf.in 5 Jan 2002 17:20:33 -0000 1.33
> +++ t/conf/extra.conf.in 5 Feb 2002 08:11:36 -0000
> @@ -310,6 +310,10 @@
> Options +Indexes
> AllowOverride Indexes
> </Directory>
> + <Directory @SERVERROOT@/htdocs/modules/autoindex2>
> + Options +Indexes
> + AllowOverride All
> + </Directory>
> </IfModule>
>
> ##
>
> --- /dev/null Thu Jan 1 07:30:00 1970
> +++ t/modules/autoindex2.t Tue Feb 5 16:10:20 2002
> @@ -0,0 +1,69 @@
> +use strict;
> +use warnings FATAL => 'all';
> +
> +use File::Spec::Functions qw(catfile catdir);
> +
> +use Apache::Test;
> +use Apache::TestUtil;
> +use Apache::TestRequest;
> +
> +##
> +## mod_autoindex test part II
> +##
> +## this tests how mod_autoindex handles sub-dirs:
> +## normal, with protected access, with broken .htaccess, etc...
> +
> +#my $cfg = Apache::Test::config();
> +my $vars = Apache::Test::config()->{vars};
> +my $documentroot = $vars->{documentroot};
> +my $base_dir = catdir $documentroot, "modules", "autoindex2";
> +my $base_uri = "/modules/autoindex2";
> +
> +# which sub-dir listings should be seen in mod_autoindex's output
> +# 1 == should appear
> +# 0 == should not appear
> +my %dirs = (
> + dir_normal => 1, # obvious
> + dir_protected => 1, #
> + dir_broken => 0, #
> +);
> +
> +plan tests => 3;
> +
> +setup();
> +
> +my $res = GET_BODY "$base_uri/";
> +
> +# simply test whether we get the sub-dir listed or not
> +for my $dir (sort keys %dirs) {
> + my $found = $res =~ /$dir/ ? 1 : 0;
> + ok t_cmp($dirs{$dir},
> + $found,
> + "$dir should @{[$dirs{$dir}?'':'not ']}be listed");
> +}
> +
> +sub setup {
> + t_mkdir $base_dir;
> +
> + ### normal dir
> + t_mkdir catdir $base_dir, "dir_normal";
> +
> + ### passwd protected dir
> + my $prot_dir = catdir $base_dir, "dir_protected";
> + # htpasswd file
> + t_write_file catfile($prot_dir, "htpasswd"), "nobody:HIoD8SxAgkCdQ";
> + # .htaccess file
> + my $content = <<CONTENT;
> +AuthType Basic
> +AuthName "Restricted Directory"
> +AuthUserFile $prot_dir/htpasswd
> +Require valid user
> +CONTENT
> + t_write_file catfile($prot_dir, ".htaccess"), $content;
> +
> + ### dir with a broken .htaccess
> + my $broken_dir = catdir $base_dir, "dir_broken";
> + t_write_file catfile($broken_dir, ".htaccess"),
> + "This_is_a_broken_on_purpose_.htaccess_file";
> +
> +}
>
>
> _____________________________________________________________________
> Stas Bekman JAm_pH -- Just Another mod_perl Hacker
> http://stason.org/ mod_perl Guide http://perl.apache.org/guide
> mailto:[EMAIL PROTECTED] http://ticketmaster.com http://apacheweek.com
> http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
>
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:[EMAIL PROTECTED] http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
