Removing Limit and LimitExcept (was: svn commit: r1023227 - in /httpd/httpd/trunk: CHANGES server/core.c)

Tue, 19 Oct 2010 11:49:00 -0700 

On Tuesday 19 October 2010, William A. Rowe Jr. wrote:
> On 10/19/2010 12:47 PM, Stefan Fritsch wrote:
> > On Tuesday 19 October 2010, William A. Rowe Jr. wrote:
> >> If it will be gone, let's get rid of it now.  Now that you have
> >> the allowmethod module added, it seems we have sufficient
> >> control paths that will allow users to constrain the accepted
> >> methods, right?
> >> 
> >> <Method > may still prove useful, but the old <Limit > was so
> >> constrained that I think we have that old functionality covered,
> >> now.
> > 
> > Fine with me. I have reverted r1023227.
> 
> Did the removelimit sandbox look good to you, or did we have any
> further changes before we drop that feature?
> 
> http://svn.apache.org/viewvc/httpd/sandbox/replacelimit/
> 
> Comments sought - if we don't have any objections or changes to
> this fork, I know of at least three committers who believe its
> time already, at least with the addition o the allowmethod module,
> eval conditionals and lua.

I have noticed that there are many failures in t/modules/access.t 
because of "AllowOverride Limit" being ignored. In this case, many 
requests that should have been denied have been allowed. Should we 
keep "AllowOverride Limit" as alias for "AllowOverride AuthConfig"? Of 
course the deprecation warning should be kept.

Apart from that, I am fine with the removelimit sandbox. Attached is a 
patch to make the test framework work.


Index: t/conf/extra.conf.in
===================================================================
--- t/conf/extra.conf.in	(Revision 1024343)
+++ t/conf/extra.conf.in	(Arbeitskopie)
@@ -261,7 +261,12 @@
 
 <IfModule @ACCESS_MODULE@>
     <Directory @SERVERROOT@/htdocs/modules/access/htaccess>
-        AllowOverride Limit
+        <IfVersion >= 2.3.9>
+            AllowOverride AuthConfig
+        </IfVersion>
+        <IfVersion < 2.3.9>
+            AllowOverride Limit
+        </IfVersion>
     </Directory>
 </IfModule>
 
Index: c-modules/test_apr_uri/mod_test_apr_uri.c
===================================================================
--- c-modules/test_apr_uri/mod_test_apr_uri.c	(Revision 1024343)
+++ c-modules/test_apr_uri/mod_test_apr_uri.c	(Arbeitskopie)
@@ -275,7 +275,11 @@
     unsigned total_failures;
     int i;
 
+#if OR_LIMIT == OR_AUTHCFG
+    r->allowed_methods.method_mask |= (AP_METHOD_BIT << M_GET);
+#else
     r->allowed |= (AP_METHOD_BIT << M_GET);
+#endif
     if (r->method_number != M_GET)
         return DECLINED;
 
Index: c-modules/random_chunk/mod_random_chunk.c
===================================================================
--- c-modules/random_chunk/mod_random_chunk.c	(Revision 1024343)
+++ c-modules/random_chunk/mod_random_chunk.c	(Arbeitskopie)
@@ -117,7 +117,11 @@
         return DECLINED;
     }
 
+#if OR_LIMIT == OR_AUTHCFG
+    r->allowed_methods.method_mask |= (AP_METHOD_BIT << M_GET);
+#else
     r->allowed |= (AP_METHOD_BIT << M_GET);
+#endif
 
     if (r->method_number != M_GET) {
         return DECLINED;

Reply via email to