diff options
Diffstat (limited to 'doc/httpauthd.conf.5')
| -rw-r--r-- | doc/httpauthd.conf.5 | 12 |
1 files changed, 2 insertions, 10 deletions
diff --git a/doc/httpauthd.conf.5 b/doc/httpauthd.conf.5 index bae1d2d..7bca8b6 100644 --- a/doc/httpauthd.conf.5 +++ b/doc/httpauthd.conf.5 @@ -148,14 +148,6 @@ How this exactly works depends on the method it applies to. [ Default: .Em 900 ] -.It Cd DigestIgnoreMethod -When set to -.Em True -allows the HTTP method value in -.Em Digest -authentication to be mismatched with the actual request. This opens -up a variety of replay attacks, but is useful for pass-through -authentication (eg: a website using a SOAP service). .It Cd DigestIgnoreNC When set to .Em True @@ -166,10 +158,10 @@ authentication to be incorrect. This opens up various replay attacks. [ Default: .Em False ] -.It Cd DigestIgnoreURI +.It Cd DigestAllowAnyPath When set to .Em True -allows the URI value in +allows the URI value or HTTP method in .Em Digest authentication to be mismatched with the URI requested. This opens up a variety of replay attacks, but is useful for pass-through |