Re: HTTPS environment variable is set after .htacces is parsed
On Sat, Mar 01, 2003 at 11:02:22AM -0500, Cliff Woolley wrote: On Sat, 1 Mar 2003, Domenico Andreoli wrote: order deny,allow deny from all allow from 127.0.0.1 allow from env=HTTPS Why do you need that env var? Use this instead: order deny,allow deny from all allow from 127.0.0.1 SSLRequireSSL after some thinking at it, i see you answer is not suitable for my needs. indeed, your mandates the use of SSL, while mine allowed access from localhost *or* SSL. i need something that can be put into allow directive... thanks cavok -[ Domenico Andreoli, aka cavok --[ http://filibusta.crema.unimi.it/~cavok/gpgkey.asc ---[ 3A0F 2F80 F79C 678A 8936 4FEE 0677 9033 A20E BC50 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: HTTPS environment variable is set after .htacces is parsed
On Mon, 10 Mar 2003, Domenico Andreoli wrote: order deny,allow deny from all allow from 127.0.0.1 SSLRequireSSL after some thinking at it, i see you answer is not suitable for my needs. indeed, your mandates the use of SSL, while mine allowed access from localhost *or* SSL. Okay then, do this: order deny,allow deny from all allow from 127.0.0.1 SSLRequireSSL Satisfy any --Cliff __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
HTTPS environment variable is set after .htacces is parsed
hi again, with reference to debian bug report #103609 [1], a debian user states that HTTPS environment variable is still not set during the parsinig of .htacces. i'm quoting the relevant part from that report. - CUT HERE --- This ought to work in .htaccess: order deny,allow deny from all allow from 127.0.0.1 allow from env=HTTPS ... I can see the HTTPS environment variable in the output if I call a cgi script that dumps the environment, so it's there, it's just that somehow at the time that .htaccess is parsed it isn't available to 'allow from env=' statements yet. - CUT HERE --- i reproduced it with apache 1.3.27 and mod_ssl 2.8.12. so, if it is a bug, is still present in most recent versions. any comment? cheers cavok [1] http://bugs.debian.org/103609 -[ Domenico Andreoli, aka cavok --[ http://filibusta.crema.unimi.it/~cavok/gpgkey.asc ---[ 3A0F 2F80 F79C 678A 8936 4FEE 0677 9033 A20E BC50 pgp0.pgp Description: PGP signature
Re: HTTPS environment variable is set after .htacces is parsed
On Sat, Mar 01, 2003 at 11:02:22AM -0500, Cliff Woolley wrote: On Sat, 1 Mar 2003, Domenico Andreoli wrote: order deny,allow deny from all allow from 127.0.0.1 allow from env=HTTPS Why do you need that env var? Use this instead: dunno, bug submitter used it. shouldn't it work anyway? order deny,allow deny from all allow from 127.0.0.1 SSLRequireSSL i'll forward him your answer. thanks cavok -[ Domenico Andreoli, aka cavok --[ http://filibusta.crema.unimi.it/~cavok/gpgkey.asc ---[ 3A0F 2F80 F79C 678A 8936 4FEE 0677 9033 A20E BC50 pgp0.pgp Description: PGP signature
Re: HTTPS environment variable is set after .htacces is parsed
On Sat, 1 Mar 2003, Domenico Andreoli wrote: dunno, bug submitter used it. shouldn't it work anyway? Environment variables are, as a rule, set late in the process because the use of them has a relatively large performance penalty. They're really only there for communicating with CGI scripts and the like. --Cliff __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]