diff options
| author | Graham Leggett <minfrin@apache.org> | 2011-12-21 11:47:19 +0100 |
|---|---|---|
| committer | Graham Leggett <minfrin@apache.org> | 2011-12-21 11:47:19 +0100 |
| commit | b162b93559360092170b687d3cf3ed36267b2999 (patch) | |
| tree | 1bc53067d5a3f591331f4c4895865da8a8ae2b96 | |
| parent | Add documentation for mod_policy, as well as explanatory documentation (diff) | |
| download | apache2-b162b93559360092170b687d3cf3ed36267b2999.tar.xz apache2-b162b93559360092170b687d3cf3ed36267b2999.zip | |
Update transformations.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1221671 13f79535-47bb-0310-9956-ffa450edef68
32 files changed, 1248 insertions, 13 deletions
diff --git a/docs/manual/compliance.html b/docs/manual/compliance.html new file mode 100644 index 0000000000..7d2dcccbf1 --- /dev/null +++ b/docs/manual/compliance.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: compliance.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/docs/manual/compliance.html.en b/docs/manual/compliance.html.en new file mode 100644 index 0000000000..212c869c2f --- /dev/null +++ b/docs/manual/compliance.html.en @@ -0,0 +1,466 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>HTTP Protocol Compliance - Apache HTTP Server</title> +<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="./images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="./faq/">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.5</p> +<img alt="" src="./images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="./images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="./">Version 2.5</a></div><div id="page-content"><div id="preamble"><h1>HTTP Protocol Compliance</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="./en/compliance.html" title="English"> en </a></p> +</div> + + <p>This document describes the mechanism to set a policy for HTTP + protocol compliance for a given URL space by the origin servers or + applications behind that URL space.</p> + + <p>For those who may have received an error message from a rejected + policy, and need to know what the policy rejection means and what + they might do to fix the error, each policy is described below.</p> + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#intro">Enforcing HTTP Protocol Compliance in Apache 2</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policyconditional">Conditional Request Policy</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policylength">Content-Length Policy</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policytype">Content-Type Policy</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policykeepalive">Keepalive Policy</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policymaxage">Freshness Lifetime / Maxage Policy</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policynocache">No Cache Policy</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policyvalidation">Validation Policy</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policyvary">Vary Header Policy</a></li> +<li><img alt="" src="./images/down.gif" /> <a href="#policyversion">Protocol Version Policy</a></li> +</ul><h3>See also</h3><ul class="seealso"><li><a href="filter.html">Filters</a></li></ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="intro" id="intro">Enforcing HTTP Protocol Compliance in Apache 2</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyconditional">PolicyConditional</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policylength">PolicyLength</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policykeepalive">PolicyKeepalive</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policytype">PolicyType</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policyvary">PolicyVary</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policyvalidation">PolicyValidation</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policynocache">PolicyNocache</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policymaxage">PolicyMaxage</a></code></li><li><code class="directive"><a href="./mod/mod_policy.html#policyversion">PolicyVersion</a></code></li></ul></td></tr></table> + + <p>The HTTP protocol follows the <strong>robustness principle</strong> + as described in <a href="http://tools.ietf.org/html/rfc1122">RFC1122</a>, + which states <strong>"Be liberal in what you accept, and conservative in + what you send"</strong>. As a result of this principle, HTTP clients will + compensate for and recover from incorrect or misconfigured responses, or + responses that are uncacheable.</p> + + <p>As a website is scaled up to face greater and greater traffic loads, + suboptimal or misconfigured applications or server configurations can + threaten both the stability and scalability of the website, as well as + the hosting costs associated with it. A website can also scale up to face + greater configuration complexity, and it can be increasingly difficult to + detect and keep track of suboptimally configured URL spaces on a given + server.</p> + + <p>Eventually a point is reached where the principle "conservative in + what you send" needs to be enforced by the server administrator.</p> + + <p>The <code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code> module provides a set of filters + which can be applied to a server, allowing key features of the HTTP + protocol to be explicitly tested, and non compliant responses logged as + warnings, or rejected outright as an error. Each filter can be applied + separately, allowing the administrator to pick and choose which policies + should be enforced depending on the circumstances of their environment. + </p> + + <p>The filters might be placed in testing and staging environments for + the benefit of application and website developers, or may be applied + to production servers to protect infrastructure from systems outside + the administrator's direct control.</p> + + <p class="figure"> + <img src="images/compliance-reverse-proxy.png" width="666" height="239" alt="Enforcing HTTP protocol compliance for an application server" /> + </p> + + <p>In the above example, an Apache httpd server has been placed between + the application server and the internet at large, and configured to cache + responses from the application server. The <code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code> + filters have been added to enforce support for cacheable content and + conditional requests, ensuring that both <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> and + public caches on the internet are fully able to cache content created + by the restful application server efficiently.</p> + + <p class="figure"> + <img src="images/compliance-static.png" width="469" height="239" alt="Enforcing HTTP protocol compliance in a static server" /> + </p> + + <p>In the above simpler example, a static server serving highly cacheable + content has a set of policies applied to ensure that the server configuration + conforms to a minimum level of compliance.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policyconditional" id="policyconditional">Conditional Request Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyconditional">PolicyConditional</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the server does not correctly respond + to a conditional request with the appropriate status code.</p> + + <p>Conditional requests form the mechanism by which an HTTP cache makes + stale content fresh again, and particularly for content with short freshness + lifetimes, lack of support for conditional requests can add avoidable load + to the server.</p> + + <p>Most specifically, the existence of any of following headers in the + request makes the request conditional:</p> + + <dl> + <dt><code>If-Match</code></dt> + <dd>If the provided ETag in the <code>If-Match</code> header does not match + the ETag of the response, the server should return + <code>412 Precondition Failed</code>. Full details of how to handle an + <code>If-Match</code> header can be found in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.24"> + RFC2616 section 14.24</a>.</dd> + + <dt><code>If-None-Match</code></dt> + <dd>If the provided ETag in the <code>If-None-Match</code> header matches + the ETag of the response, the server should return either + <code>304 Not Modified</code> for GET/HEAD requests, or + <code>412 Precondition Failed</code> for other methods. Full details of how + to handle an <code>If-None-Match</code> header can be found in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26"> + RFC2616 section 14.26</a>.</dd> + + <dt><code>If-Modified-Since</code></dt> + <dd>If the provided date in the <code>If-Modified-Since</code> header is + older than the <code>Last-Modified</code> header of the response, the server + should return <code>304 Not Modified</code>. Full details of how to handle an + <code>If-Modified-Since</code> header can be found in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.25"> + RFC2616 section 14.25</a>.</dd> + + <dt><code>If-Unmodified-Since</code></dt> + <dd>If the provided date in the <code>If-Modified-Since</code> header is + newer than the <code>Last-Modified</code> header of the response, the server + should return <code>412 Precondition Failed</code>. Full details of how to + handle an <code>If-Unmodified-Since</code> header can be found in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.28"> + RFC2616 section 14.28</a>.</dd> + + <dt><code>If-Range</code></dt> + <dd>If the provided ETag or date in the <code>If-Range</code> header matches + the ETag or Last-Modified of the response, and a valid <code>Range</code> + is present, the server should return + <code>206 Partial Response</code>. Full details of how to handle an + <code>If-Range</code> header can be found in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.27"> + RFC2616 section 14.27</a>.</dd> + + </dl> + + <p>If the response is detected to have been successful (a 2xx response), + but was conditional and one of the responses above was expected instead, + this policy will be rejected. Responses that indicate a redirect or a + failure of some kind (3xx, 4xx, 5xx) will be ignored by this policy.</p> + + <p>This policy is implemented by the <strong>POLICY_CONDITIONAL</strong> + filter.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policylength" id="policylength">Content-Length Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policylength">PolicyLength</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the server response does not contain + an explicit <code>Content-Length</code> header.</p> + + <p>There are a number of ways of determining the length of a response + body, described in full in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec4.4"> + RFC2616 section 4.4 Message Length</a>.</p> + + <p>When the <code>Content-Length</code> header is present, the size of + the body is declared at the start of the response. If this information + is missing, an HTTP cache might choose to ignore the response, as it + does not know in advance whether the response will fit within the + cache's defined limits.</p> + + <p>HTTP/1.1 defines the <code>Transfer-Encoding</code> header as an + alternative to <code>Content-Length</code>, allowing the end of the + response to be indicated to the client without the client having to + know the length beforehand. However, when HTTP/1.0 requests are + processed, and no <code>Content-Length</code> is specified, the only + mechanism available to the server to indicate the end of the request + is to drop the connection. In an environment containing load + balancers, this can cause the keepalive mechanism to be bypassed. + </p> + + <p>If the response is detected to have been successful (a 2xx response), + and has a response body (this excludes <code>204 No Content</code>), and + the <code>Content-Length</code> header is missing, this policy will be + rejected. Responses that indicate a redirect or a failure of some kind + (3xx, 4xx, 5xx) will be ignored by this policy.</p> + + <div class="warning">It should be noted that some modules, such as + <code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code>, add their own <code>Content-Length</code> + header should the response be small enough for it to have been possible + to read the response lacking such a header in one go. This may cause + small responses to pass this policy, while larger responses may + fail for the same URL.</div> + + <p>This policy is implemented by the <strong>POLICY_LENGTH</strong> + filter.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policytype" id="policytype">Content-Type Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policytype">PolicyType</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the server response does not contain + an explicit and syntactically correct <code>Content-Type</code> header + that matches the server defined pattern.</p> + + <p>The media type of the body is placed in the <code>Content-Type</code> + header, and the format of the header is described in full in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec3.7"> + RFC2616 section 3.7 Media Types</a>.</p> + + <p>A syntactically valid content type might look as follows:</p> + + <div class="example"><p><code> + Content-Type: text/html; charset=iso-8859-1 + </code></p></div> + + <p>Invalid content types might include:</p> + + <div class="example"><p><code> + # invalid<br /> + Content-Type: foo<br /> + # blank<br /> + Content-Type: + </code></p></div> + + <p>The server administrator has the option to restrict the policy to one + or more specific types, or could specify a general wildcard type such as + <code>*/*</code>.</p> + + <p>This policy is implemented by the <strong>POLICY_TYPE</strong> + filter.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policykeepalive" id="policykeepalive">Keepalive Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policykeepalive">PolicyKeepalive</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the server response does not contain + an explicit <code>Content-Length</code> header, or a + <code>Transfer-Encoding</code> of chunked.</p> + + <p>There are a number of ways of determining the length of a response + body, described in full in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec4.4"> + RFC2616 section 4.4 Message Length</a>.</p> + + <p>When the <code>Content-Length</code> header is present, the size of + the body is declared at the start of the response. HTTP/1.1 defines the + <code>Transfer-Encoding</code> header as an alternative to + <code>Content-Length</code>, allowing the end of the response to be + indicated to the client without the client having to know the length + beforehand. In the absence of these two mechanisms, the only way for + a server to indicate the end of the request is to drop the connection. + In an environment containing load balancers, this can cause the keepalive + mechanism to be bypassed. + </p> + + <p>Most specifically, we follow these rules:</p> + + <dl> + <dt>IF</dt> + <dd>we have not marked this connection as errored;</dd> + + <dt>and</dt> + <dd>the client isn't expecting 100-continue</dd> + + <dt>and</dt> + <dd>the response status does not require a close;</dd> + + <dt>and</dt> + <dd>the response body has a defined length due to the status code + being 304 or 204, the request method being HEAD, already having defined + Content-Length or Transfer-Encoding: chunked, or the request version + being HTTP/1.1 and thus capable of being set as chunked</dd> + + <dt>THEN</dt> + <dd>we support keepalive.</dd> + </dl> + + <div class="warning">The server may choose to turn off keepalive for + various reasons, such as an imminent shutdown, or a Connection: close from + the client, or an HTTP/1.0 client request with a response with no + <code>Content-Length</code>, but for our purposes we only care that + keepalive was possible from the application, not that keepalive actually + took place.</div> + + <p>It should also be noted that the Apache httpd server includes a filter + that adds chunked encoding to responses without an explicit content + length. This policy catches those cases where this filter is bypassed or + not in effect.</p> + + <p>This policy is implemented by the <strong>POLICY_KEEPALIVE</strong> + filter.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policymaxage" id="policymaxage">Freshness Lifetime / Maxage Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policymaxage">PolicyMaxage</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the server response does not have + an explicit <strong>freshness lifetime</strong> at least as long + as the server defined limit, or if the freshness lifetime is + calculated based on a heuristic.</p> + + <p>Full details of how a freshness lifetime is calculated is described in + full in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec13.2"> + RFC2616 section 13.2 Expiration Model</a>.</p> + + <p>During the freshness lifetime, a cache does not need to contact the + origin server at all, it can simply pass the cached content as is back + to the client.</p> + + <p>When the freshness lifetime is reached, the cache should contact the + origin server in an effort to check whether the content is still fresh, + and if not, replace the content.</p> + + <p>When the freshness lifetime is too short, it can result in excessive + load on the server. In addition, should an outage occur that is as long + or longer than the freshness lifetime, all cached content will become + stale, which could cause a thundering herd of traffic when the + server or network returns.</p> + + <p>This policy is implemented by the <strong>POLICY_MAXAGE</strong> + filter.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policynocache" id="policynocache">No Cache Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policynocache">PolicyNocache</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the server response declares itself + uncacheable using either the <code>Cache-Control</code> or + <code>Pragma</code> headers.</p> + + <p>Full details of how content may be declared uncacheable is described in + full in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.1"> + RFC2616 section 14.9.1 What is Cacheable</a>, and within the definition + for the <code>Pragma</code> header in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.32"> + RFC2616 section 14.32 Pragma</a>.</p> + + <p>Most specifically, should any of the following header combinations + exist in the response headers, the response will be rejected:</p> + + <ul> + <li><code>Cache-Control: no-cache</code></li> + <li><code>Cache-Control: no-store</code></li> + <li><code>Cache-Control: private</code></li> + <li><code>Pragma: no-cache</code></li> + </ul> + + <p>When unexpected, uncacheable content may produce unacceptable levels + of server load, or may incur significant cost. When this policy is enabled, + all server defined uncacheable content will be rejected.</p> + + <p>This policy is implemented by the <strong>POLICY_NOCACHE</strong> + filter.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policyvalidation" id="policyvalidation">Validation Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyvalidation">PolicyValidation</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the server response does not contain + either a syntactically correct <code>ETag</code> or + <code>Last-Modified</code> header.</p> + + <p>The <code>ETag</code> header is described in full in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.19"> + RFC2616 section 14.19 Etag</a>, and the <code>Last-Modified</code> header + is described in full in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.29"> + RFC2616 section 14.29 Last-Modified</a>.</p> + + <p>In addition to being checked present, the headers are checked for + syntax.</p> + + <p>An <code>ETag</code> that is not surrounded with quotes, or is not + declared "weak" by prefixing it with a "W/" will cause the policy to be + rejected. A <code>Last-Modified</code> that is not parsed as a valid date + will cause the policy to be rejected.</p> + + <p>This policy is implemented by the <strong>POLICY_VALIDATION</strong> + filter.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policyvary" id="policyvary">Vary Header Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyvary">PolicyVary</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the server response contains a + <code>Vary</code> header, and that header in turn contains a header + blacklisted by the administrator.</p> + + <p>The <code>Vary</code> header is described in full in + <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.44"> + RFC2616 section 14.44 Vary</a>.</p> + + <p>Some client provided headers, such as <code>User-Agent</code>, + can contain thousands or millions of combinations of values over a period + of time, and if the response is declared cacheable, a cache might attempt + to cache each of these responses separately, filling up the cache and + crowding out other entries in the cache. In this scenario, if so + configured, the policy will reject the response.</p> + + <p>This policy is implemented by the <strong>POLICY_VARY</strong> + filter.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div> +<div class="section"> +<h2><a name="policyversion" id="policyversion">Protocol Version Policy</a></h2> + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_policy.html#policyversion">PolicyVersion</a></code></li></ul></td></tr></table> + + <p>This policy will be rejected if the client request was made with a + version number lower than the version of HTTP specified.</p> + + <p>This policy is typically used with restful applications where + control over the type of client is desired. This policy can be used + alongside the <code>POLICY_KEEPALIVE</code> filter to ensure that + HTTP/1.0 clients don't cause keepalive connections to be dropped.</p> + + <p>Possible minimum versions that could be specified are:</p> + + <ul><li><code>HTTP/1.1</code></li> + <li><code>HTTP/1.0</code></li> + <li><code>HTTP/0.9</code></li> + </ul> + + <p>This policy is implemented by the <strong>POLICY_VERSON</strong> + filter.</p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="./en/compliance.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2011 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="./faq/">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/docs/manual/compliance.xml.meta b/docs/manual/compliance.xml.meta new file mode 100644 index 0000000000..896b4812ff --- /dev/null +++ b/docs/manual/compliance.xml.meta @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<!-- GENERATED FROM XML: DO NOT EDIT --> + +<metafile reference="compliance.xml"> + <basename>compliance</basename> + <path>/</path> + <relpath>.</relpath> + + <variants> + <variant>en</variant> + </variants> +</metafile> diff --git a/docs/manual/filter.html.en b/docs/manual/filter.html.en index c3fcccc635..077f7a1ab0 100644 --- a/docs/manual/filter.html.en +++ b/docs/manual/filter.html.en @@ -37,7 +37,7 @@ <div class="section"> <h2><a name="intro" id="intro">Filtering in Apache 2</a></h2> - <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_filter.html">mod_filter</a></code></li><li><code class="module"><a href="./mod/mod_deflate.html">mod_deflate</a></code></li><li><code class="module"><a href="./mod/mod_ext_filter.html">mod_ext_filter</a></code></li><li><code class="module"><a href="./mod/mod_include.html">mod_include</a></code></li><li><code class="module"><a href="./mod/mod_charset_lite.html">mod_charset_lite</a></code></li><li><code class="module"><a href="./mod/mod_reflector.html">mod_reflector</a></code></li><li><code class="module"><a href="./mod/mod_buffer.html">mod_buffer</a></code></li><li><code class="module"><a href="./mod/mod_data.html">mod_data</a></code></li><li><code class="module"><a href="./mod/mod_ratelimit.html">mod_ratelimit</a></code></li><li><code class="module"><a href="./mod/mod_reqtimeout.html">mod_reqtimeout</a></code></li><li><code class="module"><a href="./mod/mod_request.html">mod_request</a></code></li><li><code class="module"><a href="./mod/mod_sed.html">mod_sed</a></code></li><li><code class="module"><a href="./mod/mod_substitute.html">mod_substitute</a></code></li><li><code class="module"><a href="./mod/mod_xml2enc.html">mod_xml2enc</a></code></li><li><code class="module"><a href="./mod/mod_proxy_html.html">mod_proxy_html</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_filter.html#filterchain">FilterChain</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterdeclare">FilterDeclare</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterprotocol">FilterProtocol</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterprovider">FilterProvider</a></code></li><li><code class="directive"><a href="./mod/mod_mime.html#addinputfilter">AddInputFilter</a></code></li><li><code class="directive"><a href="./mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code></li><li><code class="directive"><a href="./mod/mod_mime.html#removeinputfilter">RemoveInputFilter</a></code></li><li><code class="directive"><a href="./mod/mod_mime.html#removeoutputfilter">RemoveOutputFilter</a></code></li><li><code class="directive"><a href="./mod/mod_reflector.html#reflectorheader">ReflectorHeader</a></code></li><li><code class="directive"><a href="./mod/mod_ext_filter.html#extfilterdefine">ExtFilterDefine</a></code></li><li><code class="directive"><a href="./mod/mod_ext_filter.html#extfilteroptions">ExtFilterOptions</a></code></li><li><code class="directive"><a href="./mod/core.html#setinputfilter">SetInputFilter</a></code></li><li><code class="directive"><a href="./mod/core.html#setoutputfilter">SetOutputFilter</a></code></li></ul></td></tr></table> + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_filter.html">mod_filter</a></code></li><li><code class="module"><a href="./mod/mod_deflate.html">mod_deflate</a></code></li><li><code class="module"><a href="./mod/mod_ext_filter.html">mod_ext_filter</a></code></li><li><code class="module"><a href="./mod/mod_include.html">mod_include</a></code></li><li><code class="module"><a href="./mod/mod_charset_lite.html">mod_charset_lite</a></code></li><li><code class="module"><a href="./mod/mod_reflector.html">mod_reflector</a></code></li><li><code class="module"><a href="./mod/mod_buffer.html">mod_buffer</a></code></li><li><code class="module"><a href="./mod/mod_data.html">mod_data</a></code></li><li><code class="module"><a href="./mod/mod_ratelimit.html">mod_ratelimit</a></code></li><li><code class="module"><a href="./mod/mod_reqtimeout.html">mod_reqtimeout</a></code></li><li><code class="module"><a href="./mod/mod_request.html">mod_request</a></code></li><li><code class="module"><a href="./mod/mod_sed.html">mod_sed</a></code></li><li><code class="module"><a href="./mod/mod_substitute.html">mod_substitute</a></code></li><li><code class="module"><a href="./mod/mod_xml2enc.html">mod_xml2enc</a></code></li><li><code class="module"><a href="./mod/mod_proxy_html.html">mod_proxy_html</a></code></li><li><code class="module"><a href="./mod/mod_policy.html">mod_policy</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_filter.html#filterchain">FilterChain</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterdeclare">FilterDeclare</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterprotocol">FilterProtocol</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterprovider">FilterProvider</a></code></li><li><code class="directive"><a href="./mod/mod_mime.html#addinputfilter">AddInputFilter</a></code></li><li><code class="directive"><a href="./mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code></li><li><code class="directive"><a href="./mod/mod_mime.html#removeinputfilter">RemoveInputFilter</a></code></li><li><code class="directive"><a href="./mod/mod_mime.html#removeoutputfilter">RemoveOutputFilter</a></code></li><li><code class="directive"><a href="./mod/mod_reflector.html#reflectorheader">ReflectorHeader</a></code></li><li><code class="directive"><a href="./mod/mod_ext_filter.html#extfilterdefine">ExtFilterDefine</a></code></li><li><code class="directive"><a href="./mod/mod_ext_filter.html#extfilteroptions">ExtFilterOptions</a></code></li><li><code class="directive"><a href="./mod/core.html#setinputfilter">SetInputFilter</a></code></li><li><code class="directive"><a href="./mod/core.html#setoutputfilter">SetOutputFilter</a></code></li></ul></td></tr></table> <p>The Filter Chain is available in Apache 2.0 and higher, and enables applications to process incoming and outgoing data diff --git a/docs/manual/filter.xml.es b/docs/manual/filter.xml.es index 15c98cc461..316e7ccaf6 100644 --- a/docs/manual/filter.xml.es +++ b/docs/manual/filter.xml.es @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.es.xsl"?> -<!-- English Revision: 151408:1189549 (outdated) --> +<!-- English Revision: 151408:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/filter.xml.ja b/docs/manual/filter.xml.ja index 78efda6643..6811774cbc 100644 --- a/docs/manual/filter.xml.ja +++ b/docs/manual/filter.xml.ja @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.ja.xsl"?> -<!-- English Revision: 151408:1189549 (outdated) --> +<!-- English Revision: 151408:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/filter.xml.ko b/docs/manual/filter.xml.ko index de773f8864..31104e863f 100644 --- a/docs/manual/filter.xml.ko +++ b/docs/manual/filter.xml.ko @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="EUC-KR" ?> <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.ko.xsl"?> -<!-- English Revision: 151408:1189549 (outdated) --> +<!-- English Revision: 151408:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/filter.xml.tr b/docs/manual/filter.xml.tr index 24d87b1256..1b05c30506 100644 --- a/docs/manual/filter.xml.tr +++ b/docs/manual/filter.xml.tr @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.tr.xsl"?> -<!-- English Revision: 659902:1189549 (outdated) --> +<!-- English Revision: 659902:1221670 (outdated) --> <!-- ===================================================== Translated by: Nilgün Belma Bugüner <nilgun belgeler.org> Reviewed by: Orhan Berent <berent belgeler.org> diff --git a/docs/manual/images/compliance-reverse-proxy.png b/docs/manual/images/compliance-reverse-proxy.png Binary files differnew file mode 100644 index 0000000000..898987f2e1 --- /dev/null +++ b/docs/manual/images/compliance-reverse-proxy.png diff --git a/docs/manual/images/compliance-static.png b/docs/manual/images/compliance-static.png Binary files differnew file mode 100644 index 0000000000..9955dec76d --- /dev/null +++ b/docs/manual/images/compliance-static.png diff --git a/docs/manual/index.html.en b/docs/manual/index.html.en index a771340282..d521bdb535 100644 --- a/docs/manual/index.html.en +++ b/docs/manual/index.html.en @@ -64,6 +64,7 @@ Documentation</h1> <li><a href="dso.html">Dynamic Shared Objects (DSO)</a></li> <li><a href="env.html">Environment Variables</a></li> <li><a href="logs.html">Log Files</a></li> +<li><a href="compliance.html">HTTP Protocol Compliance</a></li> <li><a href="urlmapping.html">Mapping URLs to the Filesystem</a></li> <li><a href="misc/perf-tuning.html">Performance Tuning</a></li> <li><a href="misc/security_tips.html">Security Tips</a></li> diff --git a/docs/manual/index.xml.da b/docs/manual/index.xml.da index 9e35e8b18e..f0aaaae02a 100644 --- a/docs/manual/index.xml.da +++ b/docs/manual/index.xml.da @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE indexpage SYSTEM "./style/sitemap.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?> -<!-- English Revision: 959136:1220524 (outdated) --> +<!-- English Revision: 959136:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/index.xml.de b/docs/manual/index.xml.de index e0392463b3..1caec1fc06 100644 --- a/docs/manual/index.xml.de +++ b/docs/manual/index.xml.de @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE indexpage SYSTEM "./style/sitemap.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.de.xsl"?> -<!-- English Revision: 1050960:1220524 (outdated) --> +<!-- English Revision: 1050960:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/index.xml.es b/docs/manual/index.xml.es index 9515812f19..b33eb6f86a 100644 --- a/docs/manual/index.xml.es +++ b/docs/manual/index.xml.es @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE indexpage SYSTEM "./style/sitemap.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.es.xsl"?> -<!-- English Revision: 105989:1220524 (outdated) --> +<!-- English Revision: 105989:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/index.xml.ja b/docs/manual/index.xml.ja index 690cde8b99..c81fa743c8 100644 --- a/docs/manual/index.xml.ja +++ b/docs/manual/index.xml.ja @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE indexpage SYSTEM "./style/sitemap.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.ja.xsl"?> -<!-- English Revision: 636028:1220524 (outdated) --> +<!-- English Revision: 636028:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/index.xml.ko b/docs/manual/index.xml.ko index d15040079c..6512da7fc3 100644 --- a/docs/manual/index.xml.ko +++ b/docs/manual/index.xml.ko @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="EUC-KR" ?> <!DOCTYPE indexpage SYSTEM "./style/sitemap.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.ko.xsl"?> -<!-- English Revision: 105989:1220524 (outdated) --> +<!-- English Revision: 105989:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/index.xml.pt-br b/docs/manual/index.xml.pt-br index 283c62f039..83a4fe9cd9 100644 --- a/docs/manual/index.xml.pt-br +++ b/docs/manual/index.xml.pt-br @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE indexpage SYSTEM "./style/sitemap.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.pt-br.xsl"?> -<!-- English Revision: 420993:1220524 (outdated) --> +<!-- English Revision: 420993:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/index.xml.tr b/docs/manual/index.xml.tr index d441750bf9..238ca29e0e 100644 --- a/docs/manual/index.xml.tr +++ b/docs/manual/index.xml.tr @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE indexpage SYSTEM "./style/sitemap.dtd"> <?xml-stylesheet type="text/xsl" href="./style/manual.tr.xsl"?> -<!-- English Revision: 1174747:1220524 (outdated) --> +<!-- English Revision: 1174747:1221670 (outdated) --> <!-- Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/docs/manual/mod/allmodules.xml.de b/docs/manual/mod/allmodules.xml.de index 57aca67d9e..12c89e65cc 100644 --- a/docs/manual/mod/allmodules.xml.de +++ b/docs/manual/mod/allmodules.xml.de @@ -72,6 +72,7 @@ <modulefile>mod_mime_magic.xml</modulefile> <modulefile>mod_negotiation.xml</modulefile> <modulefile>mod_nw_ssl.xml</modulefile> + <modulefile>mod_policy.xml</modulefile> <modulefile>mod_privileges.xml</modulefile> <modulefile>mod_proxy.xml</modulefile> <modulefile>mod_proxy_ajp.xml</modulefile> diff --git a/docs/manual/mod/allmodules.xml.es b/docs/manual/mod/allmodules.xml.es index ee0cebbc9f..879cf6ca6c 100644 --- a/docs/manual/mod/allmodules.xml.es +++ b/docs/manual/mod/allmodules.xml.es @@ -72,6 +72,7 @@ <modulefile>mod_mime_magic.xml</modulefile> <modulefile>mod_negotiation.xml</modulefile> <modulefile>mod_nw_ssl.xml</modulefile> + <modulefile>mod_policy.xml</modulefile> <modulefile>mod_privileges.xml</modulefile> <modulefile>mod_proxy.xml</modulefile> <modulefile>mod_proxy_ajp.xml</modulefile> diff --git a/docs/manual/mod/allmodules.xml.fr b/docs/manual/mod/allmodules.xml.fr index 4d4a82b87e..941e9d9fba 100644 --- a/docs/manual/mod/allmodules.xml.fr +++ b/docs/manual/mod/allmodules.xml.fr @@ -72,6 +72,7 @@ <modulefile>mod_mime_magic.xml</modulefile> <modulefile>mod_negotiation.xml.fr</modulefile> <modulefile>mod_nw_ssl.xml</modulefile> + <modulefile>mod_policy.xml</modulefile> <modulefile>mod_privileges.xml</modulefile> <modulefile>mod_proxy.xml.fr</modulefile> <modulefile>mod_proxy_ajp.xml</modulefile> diff --git a/docs/manual/mod/allmodules.xml.ja b/docs/manual/mod/allmodules.xml.ja index 61409458a2..cd381be2ef 100644 --- a/docs/manual/mod/allmodules.xml.ja +++ b/docs/manual/mod/allmodules.xml.ja @@ -72,6 +72,7 @@ <modulefile>mod_mime_magic.xml</modulefile> <modulefile>mod_negotiation.xml.ja</modulefile> <modulefile>mod_nw_ssl.xml</modulefile> + <modulefile>mod_policy.xml</modulefile> <modulefile>mod_privileges.xml</modulefile> <modulefile>mod_proxy.xml.ja</modulefile> <modulefile>mod_proxy_ajp.xml.ja</modulefile> diff --git a/docs/manual/mod/allmodules.xml.ko b/docs/manual/mod/allmodules.xml.ko index 7d67de05ca..7085baf9d4 100644 --- a/docs/manual/mod/allmodules.xml.ko +++ b/docs/manual/mod/allmodules.xml.ko @@ -72,6 +72,7 @@ <modulefile>mod_mime_magic.xml</modulefile> <modulefile>mod_negotiation.xml</modulefile> <modulefile>mod_nw_ssl.xml</modulefile> + <modulefile>mod_policy.xml</modulefile> <modulefile>mod_privileges.xml</modulefile> <modulefile>mod_proxy.xml</modulefile> <modulefile>mod_proxy_ajp.xml</modulefile> diff --git a/docs/manual/mod/allmodules.xml.tr b/docs/manual/mod/allmodules.xml.tr index 54ce00e750..56e265f3d2 100644 --- a/docs/manual/mod/allmodules.xml.tr +++ b/docs/manual/mod/allmodules.xml.tr @@ -72,6 +72,7 @@ <modulefile>mod_mime_magic.xml</modulefile> <modulefile>mod_negotiation.xml</modulefile> <modulefile>mod_nw_ssl.xml</modulefile> + <modulefile>mod_policy.xml</modulefile> <modulefile>mod_privileges.xml</modulefile> <modulefile>mod_proxy.xml</modulefile> <modulefile>mod_proxy_ajp.xml</modulefile> diff --git a/docs/manual/mod/allmodules.xml.zh-cn b/docs/manual/mod/allmodules.xml.zh-cn index a26ed7b80e..ce0b4bbe2a 100644 --- a/docs/manual/mod/allmodules.xml.zh-cn +++ b/docs/manual/mod/allmodules.xml.zh-cn @@ -72,6 +72,7 @@ <modulefile>mod_mime_magic.xml</modulefile> <modulefile>mod_negotiation.xml</modulefile> <modulefile>mod_nw_ssl.xml</modulefile> + <modulefile>mod_policy.xml</modulefile> <modulefile>mod_privileges.xml</modulefile> <modulefile>mod_proxy.xml</modulefile> <modulefile>mod_proxy_ajp.xml</modulefile> diff --git a/docs/manual/mod/directives.html.en b/docs/manual/mod/directives.html.en index cc11a45de6..06b06d405e 100644 --- a/docs/manual/mod/directives.html.en +++ b/docs/manual/mod/directives.html.en @@ -378,6 +378,26 @@ <li><a href="mod_sed.html#outputsed">OutputSed</a></li> <li><a href="mod_env.html#passenv" id="P" name="P">PassEnv</a></li> <li><a href="mpm_common.html#pidfile">PidFile</a></li> +<li><a href="mod_policy.html#policyconditional">PolicyConditional</a></li> +<li><a href="mod_policy.html#policyconditionalurl">PolicyConditionalURL</a></li> +<li><a href="mod_policy.html#policyenvironment">PolicyEnvironment</a></li> +<li><a href="mod_policy.html#policyfilter">PolicyFilter</a></li> +<li><a href="mod_policy.html#policykeepalive">PolicyKeepalive</a></li> +<li><a href="mod_policy.html#policykeepaliveurl">PolicyKeepaliveURL</a></li> +<li><a href="mod_policy.html#policylength">PolicyLength</a></li> +<li><a href="mod_policy.html#policylengthurl">PolicyLengthURL</a></li> +<li><a href="mod_policy.html#policymaxage">PolicyMaxage</a></li> +<li><a href="mod_policy.html#policymaxageurl">PolicyMaxageURL</a></li> +<li><a href="mod_policy.html#policynocache">PolicyNocache</a></li> +<li><a href="mod_policy.html#policynocacheurl">PolicyNocacheURL</a></li> +<li><a href="mod_policy.html#policytype">PolicyType</a></li> +<li><a href="mod_policy.html#policytypeurl">PolicyTypeURL</a></li> +<li><a href="mod_policy.html#policyvalidation">PolicyValidation</a></li> +<li><a href="mod_policy.html#policyvalidationurl">PolicyValidationURL</a></li> +<li><a href="mod_policy.html#policyvary">PolicyVary</a></li> +<li><a href="mod_policy.html#policyvaryurl">PolicyVaryURL</a></li> +<li><a href="mod_policy.html#policyversion">PolicyVersion</a></li> +<li><a href="mod_policy.html#policyversionurl">PolicyVersionURL</a></li> <li><a href="mod_privileges.html#privilegesmode">PrivilegesMode</a></li> <li><a href="core.html#protocol">Protocol</a></li> <li><a href="mod_echo.html#protocolecho">ProtocolEcho</a></li> diff --git a/docs/manual/mod/index.html.en b/docs/manual/mod/index.html.en index 16fc237cad..e0dd990155 100644 --- a/docs/manual/mod/index.html.en +++ b/docs/manual/mod/index.html.en @@ -163,7 +163,8 @@ request processing</dd> by looking at a few bytes of its contents</dd> <dt><a href="mod_negotiation.html" id="N" name="N">mod_negotiation</a></dt><dd>Provides for <a href="../content-negotiation.html">content negotiation</a></dd> <dt><a href="mod_nw_ssl.html">mod_nw_ssl</a></dt><dd>Enable SSL encryption for NetWare</dd> -<dt><a href="mod_privileges.html" id="P" name="P">mod_privileges</a></dt><dd>Support for Solaris privileges and for running virtual hosts +<dt><a href="mod_policy.html" id="P" name="P">mod_policy</a></dt><dd>HTTP protocol compliance enforcement.</dd> +<dt><a href="mod_privileges.html">mod_privileges</a></dt><dd>Support for Solaris privileges and for running virtual hosts under different user IDs.</dd> <dt><a href="mod_proxy.html">mod_proxy</a></dt><dd>Multi-protocol proxy/gateway server</dd> <dt><a href="mod_proxy_ajp.html">mod_proxy_ajp</a></dt><dd>AJP support module for diff --git a/docs/manual/mod/mod_policy.html b/docs/manual/mod/mod_policy.html new file mode 100644 index 0000000000..d574c56c94 --- /dev/null +++ b/docs/manual/mod/mod_policy.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: mod_policy.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/docs/manual/mod/mod_policy.html.en b/docs/manual/mod/mod_policy.html.en new file mode 100644 index 0000000000..b32c3fd67f --- /dev/null +++ b/docs/manual/mod/mod_policy.html.en @@ -0,0 +1,685 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>mod_policy - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body> +<div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.5</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.5</a> > <a href="./">Modules</a></div> +<div id="page-content"> +<div id="preamble"><h1>Apache Module mod_policy</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/mod/mod_policy.html" title="English"> en </a></p> +</div> +<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>HTTP protocol compliance enforcement.</td></tr> +<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>policy_module</td></tr> +<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_policy.c</td></tr></table> +<h3>Summary</h3> + + <p>The HTTP protocol recommends that clients should be "liberal in + what they accept", and servers "strict with what they send". In some + cases it can be difficult to detect when a server or an application + has been misconfigured, is serving uncacheable content or is behaving + suboptimally, as an HTTP client might be compensating for the server. + These problems can potentially lead to excessive bandwidth + consumption, or a server outage under load.</p> + + <p>The <code class="module"><a href="../mod/mod_policy.html">mod_policy</a></code> module consists of a set of + filters that test servers for HTTP protocol compliance. These + tests allow the server administrator to log violations of, or + outright reject responses where certain defined conditions exist.</p> + + <p>This could be used as a way to set minimum HTTP protocol compliance + criteria for a restful application. Alternatively, a reverse proxy or + cache could be configured to protect itself from misconfigured origin + servers or unexpectedly uncacheable content, or as a mechanism to + detect configuration mistakes within the server itself.</p> + +</div> +<div id="quickview"><h3 class="directives">Directives</h3> +<ul id="toc"> +<li><img alt="" src="../images/down.gif" /> <a href="#policyconditional">PolicyConditional</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyconditionalurl">PolicyConditionalURL</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyenvironment">PolicyEnvironment</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyfilter">PolicyFilter</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policykeepalive">PolicyKeepalive</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policykeepaliveurl">PolicyKeepaliveURL</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policylength">PolicyLength</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policylengthurl">PolicyLengthURL</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policymaxage">PolicyMaxage</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policymaxageurl">PolicyMaxageURL</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policynocache">PolicyNocache</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policynocacheurl">PolicyNocacheURL</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policytype">PolicyType</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policytypeurl">PolicyTypeURL</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyvalidation">PolicyValidation</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyvalidationurl">PolicyValidationURL</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyvary">PolicyVary</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyvaryurl">PolicyVaryURL</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyversion">PolicyVersion</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#policyversionurl">PolicyVersionURL</a></li> +</ul> +<h3>Topics</h3> +<ul id="topics"> +<li><img alt="" src="../images/down.gif" /> <a href="#actions">Actions</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#tests">Policy Tests</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#example">Example Configuration</a></li> +</ul><h3>See also</h3> +<ul class="seealso"> +<li><a href="../filter.html">Filters</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="actions" id="actions">Actions</a></h2> + + + <p>If a policy is violated, one of the following actions can be + taken:</p> + + <dl> + <dt><strong>ignore</strong></dt> + <dd>The policy check will be ignored for the given URL space, even + if the filter is present.</dd> + + <dt><strong>log</strong></dt> + <dd>The policy check will be executed, and if a violation is detected + a warning will be logged to the server error_log, and a + <code>Warning</code> header added to the response for the benefit of + the client.</dd> + + <dt><strong>enforce</strong></dt> + <dd>The policy check will be executed, and if a violation is detected + an error will be logged to the server error_log, a + <code>Warning</code> header added to the response, and a <code>502 + Bad Gateway</code> will be returned to the client. Optional links to + explanatory documentation can be added to each error message, + detailing the origin of each policy.</dd> + + </dl> + + <p>It is also possible to selectively disable all policies for a + given URL space, should the need arise, using the + <code class="directive"><a href="#policyfilter">PolicyFilter</a></code> directive.</p> + + <p>Alternatively, the + <code class="directive"><a href="#policyenvironment">PolicyEnvironment</a></code> + directive can be used to specify an environment variable, which if + present, will cause the policies to be selectively downgraded or + bypassed.</p> + +</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="tests" id="tests">Policy Tests</a></h2> + + + <p>The following policy filters are available:</p> + + <dl> + <dt><strong><a href="../compliance.html#policytype">POLICY_TYPE</a> + </strong>: Enforce valid content types</dt> + <dd>Content types that are syntactically invalid or blank can be detected + and the request rejected. Types can be restricted to a specific list + containing optional wildcards ? and *.</dd> + + <dt><strong><a href="../compliance.html#policylength">POLICY_LENGTH</a> + </strong>: Enforce the presence of a Content-Length</dt> + <dd>The length of responses can be specified in one of three ways, by + specifying an explicit length in advance, using chunked encoding to set + the length, or by setting no length at all and terminating the request + when complete. The absence of a specific content length can affect the + cacheability of the response, and prevents the use of keepalive during + HTTP/1.0 requests. This policy enforces the presence of an explicit + content length on the response.</dd> + + <dt><strong><a href="../compliance.html#policykeepalive">POLICY_KEEPALIVE + </a></strong>: Enforce the option to keepalive</dt> + <dd>Less restrictive than the POLICY_LENGTH test, this policy enforces the + possibility that the response can be kept alive. If the response doesn't + have a protocol defined zero length, and the response isn't already an + error, and the response has neither a Content-Length or is declared + HTTP/1.1 and lacks Content-Encoding: chunked, then this response will be + rejected.</dd> + + <dt><strong><a href="../compliance.html#policyvary">POLICY_VARY</a> + </strong>: Enforce the absence of certain headers within Vary headers</dt> + <dd>If the Vary header contains any of the headers specified, this policy + will reject the request. The typical case is the presence of the User-Agent + within Vary, which is likely to cause a denial of service condition to a + cache.</dd> + + <dt><strong><a href="../compliance.html#policyvalidation"> + POLICY_VALIDATION</a></strong>: Enforce the presence of Etag and/or + Last-Modified</dt> + <dd>The ability for a cache to determine whether a cached entity can be + refreshed is dependent on whether a valid Etag and/or Last-Modified header + is present to revalidate against. The absence of both headers, or the + invalid syntax of a header will cause this policy to be rejected.</dd> + + <dt><strong><a href="../compliance.html#policyconditional"> + POLICY_CONDITIONAL</a></strong>: Enforce correct operation of conditional + requests</dt> + <dd>When conditional headers are present in the request, a server should + respond with a <code>304 Not Modified</code> or <code>412 Precondition + Failed</code> response where appropriate. A server may ignore conditional + headers, and this affects the efficiency of the HTTP caching mechanism. + This policy rejects requests where a conditional header is present, and + a 304 or 412 response code was expected, but a 2xx response was seen + instead.</dd> + + <dt><strong><a href="../compliance.html#policynocache">POLICY_NOCACHE</a> + </strong>: Enforce cacheable responses</dt> + <dd>When a response is encountered that declares itself explicitly + uncacheable, the request is rejected. A response is considered + uncacheable if it specifies any of the following: + <ul><li><code>Cache-Control: no-cache</code></li> + <li><code>Pragma: no-cache</code></li> + <li><code>Cache-Control: no-store</code></li> + <li><code>Cache-Control: private</code></li> + </ul></dd> + + <dt><strong><a href="../compliance.html#policymaxage">POLICY_MAXAGE</a> + </strong>: Enforce a minimum maxage</dt> + <dd>When a response is encountered where the freshness lifetime is less + than the given value, or the freshness lifetime is heuristic, the request + is rejected. A response is checked in the following order: + <ul><li>If <code>s-maxage</code> is present but too small; or</li> + <li>If <code>max-age</code> is present but too small; or</li> + <li>If <code>Expires</code> is present and invalid; or</li> + <li><code>Date</code> is present and invalid; or</li> + <li><code>Expires</code> minus Date is too small; or</li> + <li>No <code>s-maxage</code>, <code>maxage</code>, or + <code>Expires</code>/<code>Date</code> declared at all</li> + </ul></dd> + + <dt><strong><a href="../compliance.html#policyversion">POLICY_VERSION</a> + </strong>: Enforce a minimum HTTP version within a request</dt> + <dd>When a request is encountered with an HTTP version number less than + the required minimum version, the request is rejected. The following + version numbers are recognised: + <ul><li><code>HTTP/1.1</code></li> + <li><code>HTTP/1.0</code></li> + <li><code>HTTP/0.9</code></li> + </ul></dd> + + </dl> + +</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="example" id="example">Example Configuration</a></h2> + + + <p>A typical configuration protecting a server serving static content + might be as follows:</p> + + <div class="example"><p><code> + <Location /><br /> + <span class="indent"> + SetOutputFilter POLICY_TYPE;POLICY_LENGTH;POLICY_KEEPALIVE;POLICY_VARY;POLICY_VALIDATION; \<br /> + <span class="indent"> + POLICY_CONDITIONAL;POLICY_NOCACHE;POLICY_MAXAGE;POLICY_VERSION<br /> + </span> + <br /> + # content type must be present and valid, but can be anything<br /> + PolicyType enforce */*<br /> + <br /> + # reject if no explicitly declared content length<br /> + PolicyLength enforce<br /> + <br /> + # covered by the policy length filter<br /> + PolicyKeepalive ignore<br /> + <br /> + # reject if User-Agent appears within Vary headers<br /> + PolicyVary enforce User-Agent<br /> + <br /> + # we want to enforce validation<br /> + PolicyValidation enforce<br /> + <br /> + # non-functional conditional responses should be rejected<br /> + PolicyConditional enforce<br /> + <br /> + # no-cache responses should be rejected<br /> + PolicyNocache enforce<br /> + <br /> + # maxage must be at least a day<br /> + PolicyMaxage enforce 86400<br /> + <br /> + # request version can be anything<br /> + PolicyVersion ignore HTTP/1.1<br /> + </span> + </Location><br /> + <br /> + # suppress policy protection for server-status<br /> + <Location /server-status><br /> + <span class="indent"> + PolicyFilter off<br /> + </span> + </Location><br /> + </code></p></div> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyConditional" id="PolicyConditional">PolicyConditional</a> <a name="policyconditional" id="policyconditional">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the conditional request policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyConditional <var>ignore|log|enforce</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyConditional is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a response that should have been conditional + but wasn't will be rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # non-functional conditional responses should be rejected<br /> + PolicyConditional enforce<br /> + </code></p></div> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyConditionalURL" id="PolicyConditionalURL">PolicyConditionalURL</a> <a name="policyconditionalurl" id="policyconditionalurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the conditional request policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyConditionalURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyConditionalURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the conditional + request policy, to appear within error messages.</p> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyEnvironment" id="PolicyEnvironment">PolicyEnvironment</a> <a name="policyenvironment" id="policyenvironment">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Override policies based on an environment variable.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyEnvironment <var>variable</var> <var>log-value</var> <var>ignore-value</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyEnvironment is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Downgrade policies to logging only or ignored based on the presence + of an environment variable. If the given variable is present and equal + to the log-value, enforced policies will be logged instead. If the given + variable is present and equal to the ignore-value, all policies will + be ignored.</p> + + <div class="example"><h3>Example</h3><p><code> + # downgrade if POLICY_CONTROL was present<br /> + PolicyEnvironment POLICY_CONTROL log ignore<br /> + </code></p></div> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyFilter" id="PolicyFilter">PolicyFilter</a> <a name="policyfilter" id="policyfilter">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable or disable policies for the given URL space.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyFilter <var>on|off</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>on</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyFilter is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Master switch to enable or disable policies for a given URL space.</p> + + <div class="example"><h3>Example</h3><p><code> + # enabled by default<br /> + <Location /><br /> + <span class="indent"> + PolicyFilter on<br /> + </span> + </Location><br /> + <br /> + # suppress policy protection for server-status<br /> + <Location /server-status><br /> + <span class="indent"> + PolicyFilter off<br /> + </span> + </Location><br /> + </code></p></div> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyKeepalive" id="PolicyKeepalive">PolicyKeepalive</a> <a name="policykeepalive" id="policykeepalive">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the keepalive policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyKeepalive <var>ignore|log|enforce</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyKeepalive is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a response that lacks both an explicit + <code>Content-Length</code> header and a <code>Transfer-Encoding</code> + of <code>chunked</code> will be rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # missing Content-Length or Transfer-Encoding should be rejected<br /> + PolicyKeepalive enforce<br /> + </code></p></div> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyKeepaliveURL" id="PolicyKeepaliveURL">PolicyKeepaliveURL</a> <a name="policykeepaliveurl" id="policykeepaliveurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the keepalive policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyKeepaliveURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyKeepaliveURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the keepalive + policy, to appear within error messages.</p> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyLength" id="PolicyLength">PolicyLength</a> <a name="policylength" id="policylength">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the content length policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyLength <var>ignore|log|enforce</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyLength is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a response that lacks an explicit + <code>Content-Length</code> header will be rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # missing Content-Length header should be rejected<br /> + PolicyLength enforce<br /> + </code></p></div> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyLengthURL" id="PolicyLengthURL">PolicyLengthURL</a> <a name="policylengthurl" id="policylengthurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the content length policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyLengthURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyLengthURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the content length + policy, to appear within error messages.</p> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyMaxage" id="PolicyMaxage">PolicyMaxage</a> <a name="policymaxage" id="policymaxage">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the caching minimum max-age policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyMaxage <var>ignore|log|enforce</var> <var>age</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyMaxage is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a response that lacks an explicit freshness + lifetime defined with <code>max-age</code>, <code>s-maxage</code> or an + <code>Expires</code> header, or where the explicit freshness lifetime is + smaller than the given value, will be rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # reject responses with a freshness lifetime shorter than a day<br /> + PolicyMaxage enforce 86400<br /> + </code></p></div> + + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyMaxageURL" id="PolicyMaxageURL">PolicyMaxageURL</a> <a name="policymaxageurl" id="policymaxageurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the caching minimum freshness lifetime policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyMaxageURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyMaxageURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the caching minimum + freshness lifetime policy, to appear within error messages.</p> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyNocache" id="PolicyNocache">PolicyNocache</a> <a name="policynocache" id="policynocache">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the caching no-cache policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyNocache <var>ignore|log|enforce</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyNocache is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a response that defines itself uncacheable + using the <code>Cache-Control</code> or <code>Pragma</code> headers will + be rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # Cache-Control: no-cache will be rejected<br /> + PolicyNocache enforce<br /> + </code></p></div> + + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyNocacheURL" id="PolicyNocacheURL">PolicyNocacheURL</a> <a name="policynocacheurl" id="policynocacheurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the caching no-cache policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyNocacheURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyNocacheURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the caching no-cache + policy, to appear within error messages.</p> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyType" id="PolicyType">PolicyType</a> <a name="policytype" id="policytype">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the content type policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyType <var>ignore|log|enforce</var> <var>type</var> [ <var>type</var> [ ... ]]</code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyType is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a response that lacks a <code>Content-Type</code> + header, where the <code>Content-Type</code> header is malformed, or where the + header does not match the given pattern or patterns will be rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # enforce json or XML<br /> + PolicyType enforce application/json text/xml<br /> + </code></p></div> + + <div class="example"><h3>Example</h3><p><code> + # malformed content type should be rejected<br /> + PolicyType enforce */*<br /> + </code></p></div> + + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyTypeURL" id="PolicyTypeURL">PolicyTypeURL</a> <a name="policytypeurl" id="policytypeurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the content type policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyTypeURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyTypeURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the content type + policy, to appear within error messages.</p> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyValidation" id="PolicyValidation">PolicyValidation</a> <a name="policyvalidation" id="policyvalidation">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the validation policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyValidation <var>ignore|log|enforce</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyValidation is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a response that lacks either a valid + <code>ETag</code> header or a <code>Last-Modified</code> header, or where + either header is syntactically incorrect, will be rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # no ETag or Last-Modified will be rejected<br /> + PolicyValidation enforce<br /> + </code></p></div> + + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyValidationURL" id="PolicyValidationURL">PolicyValidationURL</a> <a name="policyvalidationurl" id="policyvalidationurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the content type policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyValidationURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyValidationURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the validation policy, to + appear within error messages.</p> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyVary" id="PolicyVary">PolicyVary</a> <a name="policyvary" id="policyvary">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the Vary policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyVary <var>ignore|log|enforce</var> <var>header</var> [ <var>header</var> [ ... ]]</code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyVary is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a response that contains a <code>Vary</code> + header which in turn contains one of the headers listed, will be + rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # reject reponses with "User-Agent" listed in the Vary header<br /> + PolicyVary enforce User-Agent<br /> + </code></p></div> + + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyVaryURL" id="PolicyVaryURL">PolicyVaryURL</a> <a name="policyvaryurl" id="policyvaryurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the content type policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyVaryURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyVaryURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the vary policy, to + appear within error messages.</p> + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyVersion" id="PolicyVersion">PolicyVersion</a> <a name="policyversion" id="policyversion">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable the version policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyVersion <var>ignore|log|enforce</var> <var>HTTP/0.9|HTTP/1.0|HTTP/1.1</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ignore</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyVersion is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>When logged or enforced, a request with a version lower than specified + will be rejected.</p> + + <div class="example"><h3>Example</h3><p><code> + # reject requests with an HTTP version older than HTTP/1.1<br /> + PolicyVersion enforce HTTP/1.1<br /> + </code></p></div> + + +</div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="directive-section"><h2><a name="PolicyVersionURL" id="PolicyVersionURL">PolicyVersionURL</a> <a name="policyversionurl" id="policyversionurl">Directive</a></h2> +<table class="directive"> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL describing the minimum request HTTP version policy.</td></tr> +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>PolicyVersionURL <var>url</var></code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr> +<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr> +<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> +<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_policy</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>PolicyVersionURL is only available in Apache 2.5.0 and +later.</td></tr> +</table> + <p>Specify the URL of the documentation describing the minimum request + HTTP version policy, to appear within error messages.</p> + +</div> +</div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/mod/mod_policy.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2011 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/docs/manual/mod/mod_policy.xml.meta b/docs/manual/mod/mod_policy.xml.meta new file mode 100644 index 0000000000..4198cf4ed1 --- /dev/null +++ b/docs/manual/mod/mod_policy.xml.meta @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<!-- GENERATED FROM XML: DO NOT EDIT --> + +<metafile reference="mod_policy.xml"> + <basename>mod_policy</basename> + <path>/mod/</path> + <relpath>..</relpath> + + <variants> + <variant>en</variant> + </variants> +</metafile> diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en index f963fc0d20..ddea74570e 100644 --- a/docs/manual/mod/quickreference.html.en +++ b/docs/manual/mod/quickreference.html.en @@ -625,6 +625,26 @@ evaluated.</td></tr> ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Passes environment variables from the shell</td></tr> <tr><td><a href="mpm_common.html#pidfile">PidFile <var>filename</var></a></td><td> logs/httpd.pid </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">File where the server records the process ID of the daemon</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policyconditional">PolicyConditional <var>ignore|log|enforce</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the conditional request policy.</td></tr> +<tr><td><a href="mod_policy.html#policyconditionalurl">PolicyConditionalURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the conditional request policy.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policyenvironment">PolicyEnvironment <var>variable</var> <var>log-value</var> <var>ignore-value</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override policies based on an environment variable.</td></tr> +<tr><td><a href="mod_policy.html#policyfilter">PolicyFilter <var>on|off</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable policies for the given URL space.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policykeepalive">PolicyKeepalive <var>ignore|log|enforce</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the keepalive policy.</td></tr> +<tr><td><a href="mod_policy.html#policykeepaliveurl">PolicyKeepaliveURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the keepalive policy.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policylength">PolicyLength <var>ignore|log|enforce</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the content length policy.</td></tr> +<tr><td><a href="mod_policy.html#policylengthurl">PolicyLengthURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the content length policy.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policymaxage">PolicyMaxage <var>ignore|log|enforce</var> <var>age</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the caching minimum max-age policy.</td></tr> +<tr><td><a href="mod_policy.html#policymaxageurl">PolicyMaxageURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the caching minimum freshness lifetime policy.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policynocache">PolicyNocache <var>ignore|log|enforce</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the caching no-cache policy.</td></tr> +<tr><td><a href="mod_policy.html#policynocacheurl">PolicyNocacheURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the caching no-cache policy.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policytype">PolicyType <var>ignore|log|enforce</var> <var>type</var> [ <var>type</var> [ ... ]]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the content type policy.</td></tr> +<tr><td><a href="mod_policy.html#policytypeurl">PolicyTypeURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the content type policy.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policyvalidation">PolicyValidation <var>ignore|log|enforce</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the validation policy.</td></tr> +<tr><td><a href="mod_policy.html#policyvalidationurl">PolicyValidationURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the content type policy.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policyvary">PolicyVary <var>ignore|log|enforce</var> <var>header</var> [ <var>header</var> [ ... ]]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the Vary policy.</td></tr> +<tr><td><a href="mod_policy.html#policyvaryurl">PolicyVaryURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the content type policy.</td></tr> +<tr class="odd"><td><a href="mod_policy.html#policyversion">PolicyVersion <var>ignore|log|enforce</var> <var>HTTP/0.9|HTTP/1.0|HTTP/1.1</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the version policy.</td></tr> +<tr><td><a href="mod_policy.html#policyversionurl">PolicyVersionURL <var>url</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">URL describing the minimum request HTTP version policy.</td></tr> <tr class="odd"><td><a href="mod_privileges.html#privilegesmode">PrivilegesMode FAST|SECURE|SELECTIVE</a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Trade off processing speed and efficiency vs security against malicious privileges-aware code.</td></tr> <tr><td><a href="core.html#protocol">Protocol <var>protocol</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Protocol for a listening socket</td></tr> diff --git a/docs/manual/sitemap.html.en b/docs/manual/sitemap.html.en index 78dc40fb71..e82a033e2c 100644 --- a/docs/manual/sitemap.html.en +++ b/docs/manual/sitemap.html.en @@ -239,6 +239,7 @@ Server on HPUX</a></li> <li><a href="mod/mod_mime_magic.html">Apache Module mod_mime_magic</a></li> <li><a href="mod/mod_negotiation.html">Apache Module mod_negotiation</a></li> <li><a href="mod/mod_nw_ssl.html">Apache Module mod_nw_ssl</a></li> +<li><a href="mod/mod_policy.html">Apache Module mod_policy</a></li> <li><a href="mod/mod_privileges.html">Apache Module mod_privileges</a></li> <li><a href="mod/mod_proxy.html">Apache Module mod_proxy</a></li> <li><a href="mod/mod_proxy_ajp.html">Apache Module mod_proxy_ajp</a></li> |
