From: Colm MacCarthaigh <colm@apache.org>
Date: Wed, 2 Nov 2005 19:47:04 +0000 (+0000)
Subject: Add a show-stopper todo with mod_cache and mod_authz_host.
X-Git-Tag: 2.1.10~72
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f467265aca685c5c4e6de5d4deea932107621a5f;p=thirdparty%2Fapache%2Fhttpd.git

Add a show-stopper todo with mod_cache and mod_authz_host.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@330328 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index 9bb3f580e3d..3a2fcb07021 100644
--- a/STATUS
+++ b/STATUS
@@ -72,6 +72,23 @@ RELEASE SHOWSTOPPERS:
             implementation (you have suggested that) and once 2.2 is
             released you can't do that anymore. 
 
+    * mod_cache currently trumps mod_authz_host. When serving local content,
+      the directives: "Allow from 10.0.0.0/8\nDeny from all" become
+      meaningless, as any content cached will be served to any IP address.
+      Potential solutions:  
+        i.   mod_cache can be modified to (or be able to) run as a normal
+             handler (ie after the map to storage hook has been run) (presently
+             vetoed) 
+        ii.  mod_cache can be modified to run the map to storage hook.
+        iii. mod_authz_host needs to be re-designed to issue "Vary: *" or 
+             or set r->no_cache for content like this which should not be 
+             cached. However figuring out the situation in which there is an 
+             "Allow from all" tautalogy is non-trivial and error-prone due to
+             a) The common "Allow from all" which is set in all previously 
+             shipped default configs and b) if an admin adds a Deny while an 
+             entity is cached, it would have no effect.
+      References:
+      http://mail-archives.apache.org/mod_mbox/httpd-dev/200510.mbox/%3c20051006204601.GA6619@stdlib.net%3e
 
 CURRENT VOTES: