Re: Authz on Collection of Repositories
On 05.11.2012 00:21, Thomas ├ůkesson wrote:
> I did some tests with curl --head just as a sanity check. It seems to be a good choice for access control. I primarily wanted to see that HEAD requests were not allowed in situations where GET is not (e.g. when user has access in directories below).
> The HEAD requests I performed (minimal curl command) did not cause the server to provide Content-Length when returning "200 OK".
Which is precisely what I was talking about in my other post. Such HEAD
responses are invalid. If we implement HEAD, we have to do it correctly.
Received on 2012-11-05 09:12:28 CET
This is an archived mail posted to the Subversion Dev