I just tried comparing NCSA 1.3R, Apache 0.6.5 and Apache 0.8.8
with different flavours of .htaccess file while POSTing to a
script with and without require'ments for authorization. As before
1.3R and 0.6.5 behave the same way, but veers between success
and really bad road-kill depending on what you throw at it.
A long list of tests follows, but briefly:
A) The .htaccess parsing code is causing a SIGSEGV when it
gets confused by funnies in the .htaccess file.
B) 0.8.8 really is exhibiting non-NCSA behaviour which Brian's
highlighted in his compatibility notes page on www.apache.org
Ay
--- cut here ---
1)
Apache 0.8.8
.htaccess =
<limit GET>
require user TIS
</limit>
AUTHORIZATION FAILURE [correct uid/passwd *IS* given!!]
2)
Apache 0.8.8
.htaccess =
<limit GET POST>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
3) --- tell me we can't have comments....
Apache 0.8.8
.htaccess =
<limit GET POST>
#require user TIS
</limit>
error_log =
[Tue Aug 8 23:07:36 1995] httpd: caught SIGSEGV, dumping core
4)
Apache 0.8.8
.htaccess =
<limit GET POST>
</limit>
error_log =
[Tue Aug 8 23:07:36 1995] httpd: caught SIGSEGV, dumping core
5)
NCSA 1.3R
.htaccess =
<limit GET POST>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
6)
NCSA 1.3R
.htaccess =
<limit GET POST>
#require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
7)
NCSA 1.3R
.htaccess =
<limit GET POST>
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
8)
NCSA 1.3R
.htaccess =
<limit GET>
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
9)
NCSA 1.3R
.htaccess =
<limit GET>
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
10)
NCSA 1.3R
.htaccess =
<limit GET>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
11)
Apache 0.6.5
.htaccess =
<limit GET>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
12)
Apache 0.6.5
.htaccess =
<limit GET>
#require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
13)
Apache 0.6.5
.htaccess =
<limit GET POST>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
--- cut here ---
with different flavours of .htaccess file while POSTing to a
script with and without require'ments for authorization. As before
1.3R and 0.6.5 behave the same way, but veers between success
and really bad road-kill depending on what you throw at it.
A long list of tests follows, but briefly:
A) The .htaccess parsing code is causing a SIGSEGV when it
gets confused by funnies in the .htaccess file.
B) 0.8.8 really is exhibiting non-NCSA behaviour which Brian's
highlighted in his compatibility notes page on www.apache.org
Ay
--- cut here ---
1)
Apache 0.8.8
.htaccess =
<limit GET>
require user TIS
</limit>
AUTHORIZATION FAILURE [correct uid/passwd *IS* given!!]
2)
Apache 0.8.8
.htaccess =
<limit GET POST>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
3) --- tell me we can't have comments....
Apache 0.8.8
.htaccess =
<limit GET POST>
#require user TIS
</limit>
error_log =
[Tue Aug 8 23:07:36 1995] httpd: caught SIGSEGV, dumping core
4)
Apache 0.8.8
.htaccess =
<limit GET POST>
</limit>
error_log =
[Tue Aug 8 23:07:36 1995] httpd: caught SIGSEGV, dumping core
5)
NCSA 1.3R
.htaccess =
<limit GET POST>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
6)
NCSA 1.3R
.htaccess =
<limit GET POST>
#require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
7)
NCSA 1.3R
.htaccess =
<limit GET POST>
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
8)
NCSA 1.3R
.htaccess =
<limit GET>
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
9)
NCSA 1.3R
.htaccess =
<limit GET>
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
10)
NCSA 1.3R
.htaccess =
<limit GET>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
11)
Apache 0.6.5
.htaccess =
<limit GET>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
12)
Apache 0.6.5
.htaccess =
<limit GET>
#require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
13)
Apache 0.6.5
.htaccess =
<limit GET POST>
require user TIS
</limit>
POST ALLOWED, SCRIPT EXECUTES SUCCESSFULLY
--- cut here ---