02.08.2013 20:17, Ben Reser написав(ла):
> mod_autoindex automatically provides a directory listing of files
> under a path. However, by default it doesn't display any paths that
> you don't have access to, e.g. .htaccess. It does this by issuing
> subrequests for those other paths so that authz can run on them.
> (This behavior could be changed with IndexOptions ShowForbidden).
>
> mod_dav_svn. Numerous commands in SVN impact other paths than the URI
> (e.g. `svn list` which is similar to the autoindex case above,
> commiting a copy or move which touch two paths one of which is on in
> the URI but rather in the headers).
The modules in your examples /deliberately/ use the authz mechanism to
generate different output based on the results. But what is doing it in
the case I describe -- where the generated content is exactly the same?
Why would anyone want to provide distinct authorization rules to /foo/
and /foo/index.html, for example? What is a possible use-case?
Likewise, why would anyone configure mod_fastcgi to hand off processing
of PHP-files to FPM:
FastCGIExternalServer /usr/sbin/php-fpm -socket /var/run/fpm/main.sock
AddHandler php-fastcgi .php
Action php-fastcgi /php-fpm
ScriptAlias /php-fpm /usr/sbin/php-fpm
but need the /php-fpm/foo/ to have authorization rules different from
those of /foo/?
-mi
