Manualshelf

User manual

ManualsBrandsApple ManualsSoftwareMac OS X Server Java Application Server Administration For Version 10.3 or Later
31323334353637383940
Table Of Contents
38 Chapter 3 Managing Websites
If the user has placed multiple content files in his or her Sites folder, and cannot modify
the index.html to include links to those files, the user may benefit from the automatic
folder indexing described previously. If the “Enable folder listing” setting is enabled, an
index listing of file names will be visible to browsers at http://example.com/~refuser.
Indexing settings also apply to subfolders placed in the user's Sites folder. If the user
adds a content subfolder named Example to the Sites folder, and either an index.html
file is present inside the Example folder, or folder indexing is enabled for that user's site,
then the folder will be available to browsers at http://example.com/~refuser/Example.
The Module mod_hfs_apple Protects Web Content Against Case Insensitivity
in the HFS File System
Mac OS X Server 10.3 has a new feature that provides case-sensitive coverage for HFS
file names. This new feature should mean that the extra protection of mod_hfs_apple
(discussed below) is not necessary.
The HFS Extended volume format commonly used for Mac OS X Server preserves the
case of file names but does not distinguish between a file or folder named “Example”
and one named eXaMpLe.” Were it not for mod_hfs_apple, this would be a potential
issue when your web content resides on such a volume and you are attempting to
restrict access to all or part of your web content using security realms. If you set up a
security realm requiring browsers to use a name and a password for read-only access to
content within a folder named “Protected,” browsers would need to authenticate in
order to access the following URLs:
http://example.com/Protected
http://example.com/Protected/secret
http://example.com/Protected/sECreT
But they could bypass it by using something like the following:
http://example.com/PrOtECted
http://example.com/PrOtECted/secret
http://example.com/PrOtECted/sECreT
Fortunately, mod_hfs_apple prevents those types of efforts to bypass the security
realm, and this module is enabled by default.
Note: mod_hfs_apple operates on folders; it is NOT intended to prevent access to
individual files. A file named secret” can be accessed as seCREt”. This is correct
behavior, and does not allow bypassing security realms.
LL2350.book Page 38 Friday, August 22, 2003 2:32 PM