Anne van Kesteren wrote:
On Thu, 03 May 2007 03:00:16 +0200, Jonas Sicking <[EMAIL PROTECTED]> wrote:
Also, you want this in addition to the current mechanism, right?
See my latest proposal in my previous mail. Rather than having
'exclude' additions to both allow and deny, I think it'd be simpler to
have a 'default' rule as well. This rule wouldn't need to exist for
the PI, though it might be nice to have it just for consistency, I
don't really feel strongly either way.
I missed that. The current mechanism is actually defined in such a way
that order is not important. I'm not sure what the affect of changing
that would be.
I know, but I propose we change that since I think the current algorithm
is hard to easily see what results it produces, as you described in the
initial mail in this thread.
Also, you still need to have allow and exclude for the
processing instruction so supporting the same logic for the HTTP header
makes more sense to me. Basically:
rule ::= type (pattern)+ ("exclude" (pattern)+)?
type ::= allow | deny
My propsal was that we have "allow", "deny" and "default" for the HTTP
header and "allow" and "deny" for the PIs. The logic would be exactly
the same between them. We could even have "allow", "deny" and "default"
for the PIs and let the processing be exactly the same, the effect would
be that for PIs "deny" and "default" would have the same effect.
/ Jonas
