On Sun, Nov 11, 2012 at 2:28 AM, Justin Erenkrantz
<justin_at_erenkrantz.com> wrote:
> On Sat, Nov 10, 2012 at 3:25 PM, Thomas Ã…kesson <thomas_at_akesson.cc> wrote:
>>
>> I suppose this means that it would be a significant optimization to
>> perform HEAD rather than GET when discovering ACLs for every subdirectory in
>> a directory listing?
>
>
> Probably - doing the HEAD request will run the full authn and authz checks,
> but it won't produce the bodies - you'll also save not having to send the
> responses on the wire - but you won't know what the directory listing is
> unless you do a GET in the first place. So, it might help at the leaf nodes
> in the tree. (But how would you know it's a leaf! Fun.)
>
I've checked in debugger and it seems creating sub request performs
auth/authz without
until call to ap_subreq_run().
--
Ivan Zhakov
Received on 2012-11-11 17:28:20 CET