RE: about priviledge control and authz file's bug

From: Bagnall, Martin <Martin.Bagnall_at_hmhpub.com>
Date: Mon, 2 Mar 2009 15:58:51 +0000

Unfortunately the $ used to anchor the end of the string means that a
variation of the original issue remains, i.e. a user can access the
likes of:
http://server/svn/TestRepos./trunk

-----Original Message-----
From: Ryan Schmidt [mailto:subversion-2009a_at_ryandesign.com]
Sent: 27 February 2009 23:50
To: Bagnall, Martin
Cc: Buddy wu; users_at_subversion.tigris.org
Subject: Re: about priviledge control and authz file's bug

On Feb 27, 2009, at 09:10, Bagnall, Martin wrote:

> Thanks - I found later that what I'd originally written also matched a
> directory structure rather than just the directory immediately
> under svn
> (or viewvc). This is the regular expression I ended up going with:
>
> RedirectMatch 301 /svn/([^/]*)\./ /svn/$1/
> RedirectMatch 301 /viewvc/([^/]*)\./ /viewvc/$1/

You probably want to anchor these matches to the beginning and end of
the string.

RedirectMatch 301 ^/svn/([^/]*)\./$ /svn/$1/
RedirectMatch 301 ^/viewvc/([^/]*)\./$ /viewvc/$1/

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1256798

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-03-02 17:01:59 CET

This message: [ Message body ]
Next message: Toby Thain: "Re: read only access to repo"
Previous message: Andy Levy: "Re: subversion"
Next in thread: Bagnall, Martin: "RE: about priviledge control and authz file's bug"
Maybe reply: Bagnall, Martin: "RE: about priviledge control and authz file's bug"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]