[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: repeated requests for a file favicon.ico

On Wed, Oct 06, 2004 at 11:43:21AM +0200, Jasper Filon wrote:
> I have a little issue with the favicon file. My www root is password
> protected. But i also have a /public directory, which can be accessed by
> everyone. However, when someone opens a picture in his webbrowser by
> opening "www.mydomain.com/public/pictures/picture.jpg", he or she gets a
> login-dialog, because the browser tries to open
> "www.mydomain.com/favicon.ico", which is a restricted directory. Does
> anybody knows how to tell apache to simpy send a 404 (page not found)
> instead of requiring username/password?  Offcourse, i can create a
> favicon.ico file and give the world read-access on that file, but there
> must be a easier way to do this?

There's a meta setting you can use to specify an alternate location for
favicon.ico, but that's not so useful if you're pointing people directly at
things like images.  I'd consider it a bit of a bug for a browser to pop up
an auth dialog for favicon.ico, but I guess you've got an uphill battle to
fix that in every browser.

The quick Apache fix would be to create a Location stanza for favicon.ico,
like so:

<Location /favicon.ico>
	order allow,deny
	deny from all

which would give anyone who comes near it an (I think) 403 response code.

- Matt

Attachment: signature.asc
Description: Digital signature

Reply to: