Bug 1109575
| Summary: | Access to w3c markup validator is forbidden with its default configuration | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Guillaume Poirier-Morency <guillaumepoiriermorency> | ||||||
| Component: | w3c-markup-validator | Assignee: | Nathanael Noblet <nathanael> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 20 | CC: | burhan.ali, guillaumepoiriermorency, nathanael | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | x86_64 | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | w3c-markup-validator-1.3-9.fc21 | Doc Type: | Bug Fix | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2014-12-04 06:20:36 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
|
Description
Guillaume Poirier-Morency
2014-06-15 16:09:40 UTC
I was able to get the validator working by making the following changes. I don't know if these changes are the right thing to do, but they worked for me. Summary: 1. New notation for directory access. 2. Turn on legacy expression parser. 3. Add missing <Directory> section for the validator's cgi-bin directory. diff --git a/httpd/conf.d/w3c-markup-validator.conf b/httpd/conf.d/w3c-markup-validator.conf index 6c18ae5..959d8e0 100644 --- a/httpd/conf.d/w3c-markup-validator.conf +++ b/httpd/conf.d/w3c-markup-validator.conf @@ -91,8 +91,34 @@ Alias /w3c-validator/ /usr/share/w3c-markup-validator/htdocs/ ExpiresByType application/javascript A2592000 ExpiresByType application/ecmascript A2592000 </IfModule> + + # Added by Burhan Ali on 20141107: + # This machine has apache httpd 2.4 but the default w3c validator conf is for + # apache 2.2. + # These two extra settings are to make the validator work with 2.4. + # + # http://stackoverflow.com/a/19951408/966703 + Require all granted + # Needed because the w3c validator files still contain legacy expression. + # http://stackoverflow.com/a/17479214/966703 + SSILegacyExprParser on +</Directory> + +# Added by Burhan Ali on 20141107: +# The default conf appears to be missing permissions on the validator cgi-bin +# directory, leading to "AH01630: client denied by server configuration: +# /usr/share/w3c-markup-validator/cgi-bin/check ..." +# +# This section is based off the example on the W3C website with fixes for apache 2.4. +# http://validator.w3.org/docs/install_win.html#config-apache +<Directory /usr/share/w3c-markup-validator/cgi-bin/> + Options ExecCGI Includes Indexes MultiViews + AllowOverride None + Require all granted </Directory> (In reply to Burhan Ali from comment #1) > I was able to get the validator working by making the following changes. I > don't know if these changes are the right thing to do, but they worked for > me. > > Summary: > 1. New notation for directory access. > 2. Turn on legacy expression parser. > 3. Add missing <Directory> section for the validator's cgi-bin directory. > > > diff --git a/httpd/conf.d/w3c-markup-validator.conf > b/httpd/conf.d/w3c-markup-validator.conf > index 6c18ae5..959d8e0 100644 > --- a/httpd/conf.d/w3c-markup-validator.conf > +++ b/httpd/conf.d/w3c-markup-validator.conf > @@ -91,8 +91,34 @@ Alias /w3c-validator/ > /usr/share/w3c-markup-validator/htdocs/ > ExpiresByType application/javascript A2592000 > ExpiresByType application/ecmascript A2592000 > </IfModule> > + > + # Added by Burhan Ali on 20141107: > + # This machine has apache httpd 2.4 but the default w3c validator conf is > for > + # apache 2.2. > + # These two extra settings are to make the validator work with 2.4. > + # > + # http://stackoverflow.com/a/19951408/966703 > + Require all granted > + # Needed because the w3c validator files still contain legacy expression. > + # http://stackoverflow.com/a/17479214/966703 > + SSILegacyExprParser on > +</Directory> > + > +# Added by Burhan Ali on 20141107: > +# The default conf appears to be missing permissions on the validator > cgi-bin > +# directory, leading to "AH01630: client denied by server configuration: > +# /usr/share/w3c-markup-validator/cgi-bin/check ..." > +# > +# This section is based off the example on the W3C website with fixes for > apache 2.4. > +# http://validator.w3.org/docs/install_win.html#config-apache > +<Directory /usr/share/w3c-markup-validator/cgi-bin/> > + Options ExecCGI Includes Indexes MultiViews > + AllowOverride None > + Require all granted > </Directory> I have applied your patch for tthe fc21 package (https://admin.fedoraproject.org/pkgdb/package/w3c-markup-validator/ ), it's in attachment. A similar work could be done for fc20. We need some insights from you, Nathanael. Created attachment 958088 [details]
Working Apache 2.4 configuration
(In reply to Burhan Ali from comment #1) > I was able to get the validator working by making the following changes. I > don't know if these changes are the right thing to do, but they worked for > me. > > Summary: > 1. New notation for directory access. > 2. Turn on legacy expression parser. > 3. Add missing <Directory> section for the validator's cgi-bin directory. > > > diff --git a/httpd/conf.d/w3c-markup-validator.conf > b/httpd/conf.d/w3c-markup-validator.conf > index 6c18ae5..959d8e0 100644 > --- a/httpd/conf.d/w3c-markup-validator.conf > +++ b/httpd/conf.d/w3c-markup-validator.conf > @@ -91,8 +91,34 @@ Alias /w3c-validator/ > /usr/share/w3c-markup-validator/htdocs/ > ExpiresByType application/javascript A2592000 > ExpiresByType application/ecmascript A2592000 > </IfModule> > + > + # Added by Burhan Ali on 20141107: > + # This machine has apache httpd 2.4 but the default w3c validator conf is > for > + # apache 2.2. > + # These two extra settings are to make the validator work with 2.4. > + # > + # http://stackoverflow.com/a/19951408/966703 > + Require all granted > + # Needed because the w3c validator files still contain legacy expression. > + # http://stackoverflow.com/a/17479214/966703 > + SSILegacyExprParser on > +</Directory> > + > +# Added by Burhan Ali on 20141107: > +# The default conf appears to be missing permissions on the validator > cgi-bin > +# directory, leading to "AH01630: client denied by server configuration: > +# /usr/share/w3c-markup-validator/cgi-bin/check ..." > +# > +# This section is based off the example on the W3C website with fixes for > apache 2.4. > +# http://validator.w3.org/docs/install_win.html#config-apache > +<Directory /usr/share/w3c-markup-validator/cgi-bin/> > + Options ExecCGI Includes Indexes MultiViews > + AllowOverride None > + Require all granted > </Directory> Just noticed the /w3c-validator/check endpoint is not working, can you double-check your patch? Created attachment 958201 [details] Patch (In reply to Guillaume Poirier-Morency from comment #4) > Just noticed the /w3c-validator/check endpoint is not working, can you > double-check your patch? The validator works for me. I copied and pasted fragments of the patch which There were a few whitespace changes that I omitted which may be the problem. I have attached the full patch. Hopefully that will work for you. (In reply to Burhan Ali from comment #5) > Created attachment 958201 [details] > Patch > > (In reply to Guillaume Poirier-Morency from comment #4) > > Just noticed the /w3c-validator/check endpoint is not working, can you > > double-check your patch? > > The validator works for me. I copied and pasted fragments of the patch which > There were a few whitespace changes that I omitted which may be the problem. > I have attached the full patch. Hopefully that will work for you. I have found out that it is not working with mod_perl installed. Once removed, it works like a charm. Could we fix this issue as well? So I've mostly applied the patch except I made a small change. Instead of adding a Directory directive for the check match, I added the Require all granted to the LocationMatch for check and feedback. In my tests with Selinux enforcing and mod_perl installed I could validate by direct input without an issue. Please test the updates and let me know if it works for you as well. w3c-markup-validator-1.3-9.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/w3c-markup-validator-1.3-9.fc21 w3c-markup-validator-1.3-9.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/w3c-markup-validator-1.3-9.fc20 Package w3c-markup-validator-1.3-9.fc21: * should fix your issue, * was pushed to the Fedora 21 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing w3c-markup-validator-1.3-9.fc21' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-15414/w3c-markup-validator-1.3-9.fc21 then log in and leave karma (feedback). w3c-markup-validator-1.3-9.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. w3c-markup-validator-1.3-9.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. |