RE: negative LocationMatch syntax?
-Original Message- From: Matt Sergeant [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 12, 2001 2:00 PM To: [EMAIL PROTECTED] Cc: modperl; modssl Subject: Re: negative LocationMatch syntax? [snip] Is there a way I could use LocationMatch to specify a not condition? as in LocationMatch !~ "/(thisfile|thatDir|whatever).*" SSLVerifyClient require /LocationMatch That would let me list the exceptions, and everything else would be restricted by default.. It's really frustrating, but this is *not* possible... I _hate_ hearing that... anyway, after an initial attempt to hack http_request.c (which didn't seem that hard but proved beyond my meager C) I came up with this: http://morpheus.laserlink.net/~gyoung/modules/Apache-ReverseLocation-0.01.ta r.gz it's just proof-of-concept at this point, but allows for reversed Location !~ "foo" and LocationMatch !~ "foo" by just including it as a PerlModule it's major limitation at this point is that you can only have one reversed configuration - I didn't build in regex = location mappings yet, just in case somebody points out that this can never really work. In my tests, though, it seemed to work just fine, but I may be missing something. anyway, if anyone thinks this is a worthy endeavor (over patching httpd core), and doesn't manage to show how futile the efforts really is, then I maybe I'll tidy it up, document it, and release it... have fun... --Geoff
Re: negative LocationMatch syntax?
Matt Sergeant wrote: Is there a way I could use LocationMatch to specify a not condition? as in LocationMatch !~ "/(thisfile|thatDir|whatever).*" SSLVerifyClient require /LocationMatch That would let me list the exceptions, and everything else would be restricted by default.. It's really frustrating, but this is *not* possible... Maybe with a Perl section?
Re: negative LocationMatch syntax?
On Thu, 12 Apr 2001, Perrin Harkins wrote: Matt Sergeant wrote: Is there a way I could use LocationMatch to specify a not condition? as in LocationMatch !~ "/(thisfile|thatDir|whatever).*" SSLVerifyClient require /LocationMatch That would let me list the exceptions, and everything else would be restricted by default.. It's really frustrating, but this is *not* possible... Maybe with a Perl section? You might be able to do this, but things of course are different as you'd have to set all your config options in Perl, rather than as plain directives. I'd like to see it done, all the same. -- Matt/ /||** Founder and CTO ** ** http://axkit.com/ ** //||** AxKit.com Ltd ** ** XML Application Serving ** // ||** http://axkit.org ** ** XSLT, XPathScript, XSP ** // \\| // ** mod_perl news and resources: http://take23.org ** \\// //\\ // \\
Re: negative LocationMatch syntax?
On Thu, 12 Apr 2001, Paul wrote: Hi all. I need to leave a few areas of our site freely accessible, but most of the site is restricted, and I'd like the default behavior to be restrictive. I don't want to have to remember to change the config if I add new directories, as in adding Location SSLVerifyClient require /Location Is there a way I could use LocationMatch to specify a not condition? as in LocationMatch !~ "/(thisfile|thatDir|whatever).*" SSLVerifyClient require /LocationMatch That would let me list the exceptions, and everything else would be restricted by default.. It's really frustrating, but this is *not* possible... However here's a hack I've used that kinda works: LocationMatch "([^[.thisfile.]]|[^[.thatDir.]]|[^[.whatever.]]).*" It's ugly, but it works for some cases, but not all (in fact the above might not work - I haven't tested it). See regex.7 in src/regex in the apache distribution for more docs on what you can do. -- Matt/ /||** Founder and CTO ** ** http://axkit.com/ ** //||** AxKit.com Ltd ** ** XML Application Serving ** // ||** http://axkit.org ** ** XSLT, XPathScript, XSP ** // \\| // ** mod_perl news and resources: http://take23.org ** \\// //\\ // \\
