11 messages in ru.sysoev.nginxRe: Igor any change auth_basic_user_f...
FromSent OnAttachments
mikeMar 12, 2009 10:24 am 
Igor SysoevMar 12, 2009 12:54 pm 
mikeMar 12, 2009 1:25 pm 
Igor SysoevMar 14, 2009 9:56 am.Other
mikeMar 14, 2009 10:26 am 
mikeMar 14, 2009 10:27 am 
Igor SysoevMar 14, 2009 10:48 am 
Igor SysoevMar 14, 2009 10:58 am 
mikeMar 14, 2009 11:21 am 
Igor SysoevMar 14, 2009 12:46 pm 
mikeMar 14, 2009 1:27 pm 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Re: Igor any change auth_basic_user_file can accept the new regex stuff?Actions...
From:Igor Sysoev (is@rambler-co.ru)
Date:Mar 14, 2009 12:46:32 pm
List:ru.sysoev.nginx

On Sat, Mar 14, 2009 at 11:22:06AM -0700, mike wrote:

2009/3/14 Igor Sysoev <is@rambler-co.ru>:

Probably 403 should be return in both cases (static and dynamic) if error is file not found.

That is fine with me. I was going to recommend that but thought it might be a bit incorrect. Since htpasswd stuff -is- required to be configured on the server level, it is sort of a server error if it's pointing to the wrong file. However, the users can control the files a lot of the time and remove them...

As long as there is a simple to read error log entry for it, that works. Right now a 404 throws an "error" - shouldn't that be more like a "notice" ?

This missing file should be an error as it has more to do with server configuration. But me randomly typing in /ekfhskdfdskhfs into a site should not raise an "error" level:

2009/03/14 11:20:25 [error] 32217#0: *1 open() "/home/mike/web/192.168.1.3/fds" failed (2: No such file or directory), client: 192.168.1.2, server: 192.168.1.3, request: "GET /fds HTTP/1.1", host: "192.168.1.3"

IMHO it should be less important for a 404 :)

The error level is done as in Apache. There is no simple way to tell broken link from mistype/etc.

-- Igor Sysoev http://sysoev.ru/en/