From: Randy Terbush Date: Thu, 29 Jul 1999 18:17:43 +0000 (+0000) Subject: Doc changes. X-Git-Tag: 1.3.7~1 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=956e6067f0d47b28c3a44b526918eff4b2897221;p=apache Doc changes. Submitted by: Alan J. Flavell Reviewed by: Randy Terbush git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@83526 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/core.html b/docs/manual/mod/core.html index b15172f6c4..461f4d286a 100644 --- a/docs/manual/mod/core.html +++ b/docs/manual/mod/core.html @@ -1321,24 +1321,28 @@ applies. REL="Help" >Status: core

-<Limit> and </Limit> are used to enclose a group of -access control directives which will then apply only to the specified -access methods, where method is any valid HTTP method. -Any directive except another <Limit> or -<Directory> may be used; the majority will be -unaffected by the <Limit>. Example: +Access controls are normally effective for all access +methods, and this is the usual desired behaviour. In the +general case, access control directives should not be placed within a +<limit> section. + +

The purpose of the <Limit> directive is to restrict the effect +of the access controls to the nominated HTTP methods. For all other +methods, the access restrictions that are enclosed in the +<Limit> bracket will have no effect. The +following example applies the access control only to the methods POST, +PUT, and DELETE, leaving all other methods unprotected: +

-<Limit GET POST>
+<Limit POST PUT DELETE>
require valid-user
</Limit>
-If an access control directive appears outside a <Limit> -directive, then it applies to all access methods. The method names -listed can be one or more of: GET, POST, PUT, DELETE, CONNECT or -OPTIONS. The method name is case-sensitive. -If GET is used it will also restrict HEAD requests. -If you wish to limit all methods, do not include any -<Limit> directive at all. +The method names listed can be one or more of: GET, POST, PUT, DELETE, +CONNECT, OPTIONS, TRACE, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, +MOVE, LOCK, and UNLOCK. The method name is +case-sensitive. If GET is used it will also restrict HEAD +requests.

@@ -2371,24 +2375,25 @@ Only users in the named groups can access the directory.

All valid users can access the directory.

-If require appears in a <Limit> -section, then it restricts access to the named methods, otherwise -it restricts access for all methods. Example: +Require must be accompanied by AuthName and +AuthType directives, and directives such as +AuthUserFile and +AuthGroupFile (to define users and +groups) in order to work correctly. Example:

AuthType Basic
-AuthName somedomain
+AuthName "Restricted Directory"
AuthUserFile /web/users
AuthGroupFile /web/groups
-<Limit GET POST>
require group admin
-</Limit>
-Require must be accompanied by AuthName and -AuthType directives, and directives such as -AuthUserFile and -AuthGroupFile (to define users and -groups) in order to work correctly.

+Access controls which are applied in this way are effective for +all methods. This is what is normally +desired. If you wish to apply access controls only to +specific methods, while leaving other methods unprotected, then place +the require statement into a <Limit> section

ResourceConfig directive