Joshua Slive wrote:
On 8/22/05, Stuart Gall <[EMAIL PROTECTED]> wrote:
I haven't tested this myself, but my guess is that mod_autoindex
(which generates the directory listings) is doing a file-level
sub-request on each entry in the directory to see if it is accessible.
For some reason this sub-request is not processing the <Location>
sections, only the <Directory> sections.
Makes sense.
A bug then, or perhaps a security feature?
I think its a bug, but I'm not sure.
Well, it is a security feature to subrequest each of the files. Because
this is using a very optimized file subdir lookup, the full <Location>
tree might not be parsed.
It sounds like it could be a bug; but at the same time, you've hit on an
edge case which should be a reminder to never mix <Location >'s when you
really mean to call out either <Files > or <Directory >'s.
Bill
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
