This helps alot. I've been looking for a concise map of the various
phases and what returns codes take me where. I'll probably post it on
my wall.
> all phases up to and including content generation ought to behave exactly
> the same...
>
> - DECLINED moves to the next handler in the phase
> - DONE bypasses content generation, closes the connection, and goes directly
> to the logging phase
> - anything other than DONE, OK, or DECLINED terminates the phase and enters
> the ErrorDocument cycle (where there may or may not be an actual
> ErrorDocument configured)
>
A couple follow-up questions. What phases are run during the
ErrorDocument cycle?
One motivation I have is for these virus attacks, I'd like to send out
a 403 - Forbidden right at the beginning (say, when someone asks for
default.ida) and then I'd like to have the option of not logging it to
keep it from growing my logs and distorting my log reports.
Is there anyway to selectively tell a request not to even log this?
Disable the log handler for the current request, maybe?
> the only thing that varies across the phases is the meaning of OK
> - for trans, auth, authz, and type checkers no further handlers are run
> - for all others it is effectively the same as DECLINED
>
> HTH
