On September 27, 2011 17:47 , Al Dispennette
<al.dispenne...@clairmail.com> wrote:
Below I have two location match tags that I would like to use to
control the flow of information as it enters my apache servers. The
problem though is that when I restart the servers I get an error
saying that the limit request field variable is not permitted inside
the location match tag. This seems to me like a problem. If I have
one page that has a large amount of data being passed in a single
field and another page that has a small amount of data in a large
number of fields. How am I supposed to accommodate that without
increasing both globally?
Is it really necessary to try exert this degree of control? Would it be
bad for you to leave LimitRequestBody, LimitRequestFields (note the "s"
at the end of the directive name, you were missing the "s" in the
configuration you included in your original message), and
LimitRequestFieldSize?
LimitRequestFields and LimitRequestFieldSize can only be used in the
server configuration and virtual host contexts; they cannot be used in
directory context or .htaccess context. To use a directive in a
<Location> or <LocationMatch> stanza, the directive has to be one that
can be used in directory context. So the behavior your are observing is
correct, per the documentation. If I were to guess as to why these
directives are not supported in directory context, my guess would be
because they both impose limits on HTTP request headers. HTTP request
headers are read very early in Apache HTTP Server's request processing
loop, long before URL rewriting or URL-to-filesystem path mapping are
done; these things would have to be taken into account in order to allow
the directives to be used in directory context. Since these requests
are intended (per the documentation) to avoid some forms denial of
service attacks, it makes sense to deny the request as soon as the
headers are read and not do all the additional processing that would
need to be done to figure out the URL-path and/or filesystem-path before
knowing whether the request applied to one or more of the <Directory>,
<DirectoryMatch>, <Location>, <LocationMatch>, <Proxy>, or <ProxyMatch>
stanzas -- or one or more of the .htaccess files -- that might wind up
applying to the request.
--
Mark Montague
m...@catseye.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org