And, in briefly re-examing my reason for developing this module, here's what happens when, on a stock freshly installed httpd-2.2.17-1.fc14.x86_64 FC-14 setup, I try to do :
in /etc/httpd/conf/httpd.conf : @line 320: <Directory "/var/www/html"> # # Possible values for the Options directive are "None", "All", # or any combination of: # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # # The Options directive is both complicated and important. Please see # http://httpd.apache.org/docs/2.2/mod/core.html#options # for more information. # XBitHack on Options Indexes FollowSymLinks Includes And then create /var/www/html/test_inc.html : $ echo '<!--#include file="/var/www/include/test.inc"--> ' > /var/www/html/test_inc.html $ chown apache:apache /var/www/html/test_inc.html; chmod 0755 /var/www/html/test_inc.html ; and then create /var/www/include/test.inc : $ echo 'html> <head> <title> It worked!</title> </head> </html> ' > /var/www/include/test.inc $ chown apache:apache /var/www/include/test.inc; chmod 0644 /var/www/include/test.inc $ curl http://127.0.0.1/html/test_inc.html [Wed Apr 06 18:13:43 2011] [error] [client 127.0.0.1] unable to include file "/var/www/include/test.inc" in parsed file /var/www/html/test_inc.html [an error occurred while processing this directive] Gee, what an informative error message ! (I was doing 'tail -f /var/log/http/error_log &') . This is because there is no "<Directory> ... </Directory>" entry for "/var/www/include" . So standard apache SSI can't work even if my scripts use absolute URLs - my include directory MUST be in some '<Directory>...</Directory>' - but I don't want to provide any HTTP/S access to SSI fragments - so how can I put them in a non-'<Directory>...</Directory>' location ? So to me it is just easier to develop the 'ssi-fragment' mime-type handler module , which enables SSI to be used freely , safely and efficiently by scripts without letting all-and-sundry access SSI fragments which may be security sensitive outside their containing documents. My ssi-fragment module has been working OK for some months now on my client's web-server - I'll check with my client to see if it's OK to make it open-source , and if so, will post it here or to 'apache-contrib' - I can't find anything else that does the job . All the best, Jason --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
