Freek Dijkstra wrote:
> Steps to reproduce
> 1. Add the following configuration to httpd.conf:
>
> Alias /test/ /var/www/test/
>
> <Directory "/var/www/test/projects">
> Options Indexes
> Order deny,allow
> Deny from all
> </Directory>
>
> <Directory ~ "/var/www/test/projects/$">
> Allow from all
> </Directory>
>
>
> Expected results:
> - requesting http://localhost/test/projects would give an autoindex
> - requesting http://localhost/test/projects/subdir would give a 403
> Forbidden
>
> Actual results:
> - requesting http://localhost/test/projects gives a 403 Forbidden
> - requesting http://localhost/test/projects/subdir gives a 403 Forbidden
For what it's worth, I'll follow the progress and will strive to get it
fixed, but can not easily upgrade this particular server.
Fortunately, there is a workaround for those who want to achieve
behaviour as I originally intended:
Alias /projects/ /var/www/test/projects/
<Directory "/var/www/test/projects/">
Options Indexes
Order allow,deny
Allow from all
</Directory>
<Directory ~ "/var/www/test/projects/.+/">
Order deny,allow
Deny from all
</Directory>
<Directory ~ "/var/www/test/projects/subdir1/">
Allow from all
</Directory>
- Requesting www.example.org/projects/ is allowed.
- Requesting www.example.org/projects/subdir1/ is allowed.
- Requesting www.example.org/projects/subdir2/ is not allowed.
This was exactly what I wanted.
For those implementing this workaround, be very careful about:
* Add the ~ in the last directive. It may seem superfluous, but is in
fact essential. Without it, the parsing order would change, as explained
in http://httpd.apache.org/docs/2.2/sections.html#mergin.
* Add the / in the folder of the last directive. Without it, the parsing
order would change, so that the other regexp would prevail.
Regards,
Freek
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [email protected]
" from the digest: [email protected]
For additional commands, e-mail: [email protected]
