Mercurial > hg > nginx-vendor-current
diff src/http/modules/ngx_http_access_module.c @ 212:56688ed172c8 NGINX_0_3_53
nginx 0.3.53
*) Change: the "add_header" directive adds the string to 204, 301, and
302 responses.
*) Feature: the "server" directive in the "upstream" context supports
the "weight" parameter.
*) Feature: the "server_name" directive supports the "*" wildcard.
*) Feature: nginx supports the request body size more than 2G.
*) Bugfix: if a client was successfully authorized using "satisfy_any
on", then anyway the message "access forbidden by rule" was written
in the log.
*) Bugfix: the "PUT" method may erroneously not create a file and
return the 409 code.
*) Bugfix: if the IMAP/POP3 backend returned an error, then nginx
continued proxying anyway.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Fri, 07 Jul 2006 00:00:00 +0400 |
| parents | 4cd3e70c4d60 |
| children | fa32d59d9a15 |
line wrap: on
line diff
--- a/src/http/modules/ngx_http_access_module.c +++ b/src/http/modules/ngx_http_access_module.c @@ -92,6 +92,7 @@ ngx_http_access_handler(ngx_http_request ngx_uint_t i; struct sockaddr_in *sin; ngx_http_access_rule_t *rule; + ngx_http_core_loc_conf_t *clcf; ngx_http_access_loc_conf_t *alcf; alcf = ngx_http_get_module_loc_conf(r, ngx_http_access_module); @@ -113,8 +114,12 @@ ngx_http_access_handler(ngx_http_request if ((sin->sin_addr.s_addr & rule[i].mask) == rule[i].addr) { if (rule[i].deny) { - ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, - "access forbidden by rule"); + clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); + + if (!clcf->satisfy_any) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "access forbidden by rule"); + } return NGX_HTTP_FORBIDDEN; }