[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Authz on Collection of Repositories

From: Thomas ┼kesson <thomas_at_akesson.cc>
Date: Mon, 5 Nov 2012 00:21:48 +0100

Thanks Ivan for your work. I have very little experience with the svn codebase so my review is probably not very valuable. Anyway. looks good to me.

I have meant to set up a test server with our reference configuration to validate the patch under realistic circumstances. Unfortunately, the SLES activation servers have been down for several hours (we don't have dev tools on our VM Appliance by default). I will do some tests with parentpath under "/svn/" and both variations of Satisfy as soon as possible.

On 2 nov 2012, at 15:25, C. Michael Pilato wrote:

> I think HEAD[1] request would be the appropriate request here. (And I
> wonder, in retrospect, why we aren't using it for our regular in-repos
> path-based authz...)

I did some tests with curl --head just as a sanity check. It seems to be a good choice for access control. I primarily wanted to see that HEAD requests were not allowed in situations where GET is not (e.g. when user has access in directories below).

The HEAD requests I performed (minimal curl command) did not cause the server to provide Content-Length when returning "200 OK".

/Thomas ┼.
Received on 2012-11-05 00:22:24 CET

This is an archived mail posted to the Subversion Dev mailing list.