On Sun, Nov 11, 2012 at 2:28 AM, Justin Erenkrantz <jus...@erenkrantz.com> wrote: > On Sat, Nov 10, 2012 at 3:25 PM, Thomas Åkesson <tho...@akesson.cc> wrote: >> >> I suppose this means that it would be a significant optimization to >> perform HEAD rather than GET when discovering ACLs for every subdirectory in >> a directory listing? > > > Probably - doing the HEAD request will run the full authn and authz checks, > but it won't produce the bodies - you'll also save not having to send the > responses on the wire - but you won't know what the directory listing is > unless you do a GET in the first place. So, it might help at the leaf nodes > in the tree. (But how would you know it's a leaf! Fun.) > I've checked in debugger and it seems creating sub request performs auth/authz without until call to ap_subreq_run().
-- Ivan Zhakov
