Bug 33089 - mod_include: Options +Includes (or IncludesNoExec) wasn't set, INCLUDES filter removed
Summary: mod_include: Options +Includes (or IncludesNoExec) wasn't set, INCLUDES filte...
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_include (show other bugs)
Version: 2.4.34
Hardware: PC All
: P2 normal with 1 vote (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Keywords: APIBug
Depends on:
Reported: 2005-01-13 22:21 UTC by Vlad Alexa Mancini
Modified: 2018-08-13 17:01 UTC (History)
3 users (show)

vhost config (not related to this defect) (1.36 KB, text/plain)
2018-08-02 16:58 UTC, Semion

Note You need to log in before you can comment on or make changes to this bug.
Description Vlad Alexa Mancini 2005-01-13 22:21:00 UTC
This is the most insiduous thing i have ever had to deal with ,
well i get this :
mod_include: Options +Includes (or IncludesNoExec) wasn't set, INCLUDES filter 
indiferent of the + existing or not before Includes 
there are only 2 things that make the warning go away , either change .html to 
anything else , either remove the Indexes option

however the thing that makes it really insiduous is that you only get this 
error when you do a directory listing (go to a directory with no index file)

this happens only since upgrading to 2.0.52 from 2.0.50

here are the related httpd.conf quotes (no other includes or indexes options 
set elswhere)

LoadModule include_module modules/mod_include.so
<IfModule mod_include.c>
AddOutputFilter Includes .html

<Directory "/var/www/htdocs/">
Options Indexes +Includes
Comment 1 Rich Bowen 2005-01-13 22:42:42 UTC
I spoke with valexa on IRC, and it appears that the SSI directives still get
run, even though the message states that the INCLUDES filter has been removed.
Comment 2 Vlad Alexa Mancini 2005-01-13 23:05:34 UTC
just tested on apache 2.0.50 , official binary release for windows , same as 
2.0.52 , the issue seems to be present in both versions 

furthemore the notice apears for every directory index being done by the server 
and i mean it , every time ,  you do not even have to access a ssi page , just 
doing a index gives that notice

another fix is moving the AddOutputFilter directive inside the directory scope
Comment 3 Vlad Alexa Mancini 2005-01-13 23:30:39 UTC
well its confirmed , tested with apache 2.0.49 , still official windows binary 
release , the bug was not to be found , so its a issue from 2.0.50 up
Comment 4 Rob Main 2005-05-17 15:55:56 UTC
I have seen and am currently experiencing the same symptoms on 2.0.52 and
2.0.54.  I get the log entry "mod_include: Options +Includes (or IncludesNoExec)
wasn't set, INCLUDES filter removed" anytime I hit a page on one of my virtual
hosts that uses SSI despite the fact that Options +Includes is applied to the
directory in question.  Adding the AddOutputFilter option inside the directory
scope had no effect.
Comment 5 Rob Main 2005-05-17 16:21:49 UTC
Additionally, the SSI directive never gets parsed.
Comment 6 Paul Querna 2005-06-03 00:36:25 UTC
This is caused by the truely bizare behavoir of Options when the first option
contains a +/-.  Its not really the expected behavoir for most configurations.
Comment 7 Tony Rondini 2006-02-17 03:44:23 UTC
I am experiencing this same issue with Red Hat v4 - using XBitHack and/or shtlm
no luck with version 2.0.54. 
Comment 8 Vlad Alexa Mancini 2006-02-17 11:17:03 UTC
Tested on apache 2.2.0 , same behaviour 
Comment 9 Tony Rondini 2006-02-18 16:49:45 UTC
This is NOT a bug at all in Red Hat V4 Extras (Apache 2.0.52/54).  I had a bad
<Directory filename> entry all along.  Once that was corrected the SSI
directives  worked exactly as documented.  If anyone is still having problems I
would suggest doing some problem analysis against the httpd.conf first, then to
the .htaccess file. Feel free to contact me. 
Comment 10 Vlad Alexa Mancini 2006-02-20 05:06:00 UTC
indeed i had found that adding IncludesNoExec to the options of <Directory
"..../icons"> removes the errors , but i still believe this should be further
Comment 11 Eric Covener 2006-02-23 16:47:27 UTC
> Options Indexes +Includes

In an Options directive, mixing +/- entries with non +/- does not have
predictable/expected results.
Comment 12 C. Ludwig 2006-04-04 17:51:55 UTC
I had the same problem. But the source of this error was that my html files
where chmoded as an executable (never trust your backup software). Chmod ugo-x
*.html solved the problem.
Comment 13 Tim Pierce 2006-05-17 19:14:33 UTC
The Apache documentation pages say that AddOutputFilter and Options are
permitted in "server config, virtual host, directory, .htaccess" contexts.  I
had the following lines in a <VirtualHost> directive and got the described error

Options FollowSymLinks Indexes IncludesNoExec
AddOutputFilter INCLUDES .html

With these lines in a <VirtualHost> container, I got the "INCLUDES filter
removed" error described on this bug, and the SSIs were not honored.  However,
this worked:

<Location />
Options FollowSymLinks Indexes IncludesNoExec
AddOutputFilter INCLUDES .html

I believe that either the documentation or the directives need to be modified.
Comment 14 Mikhail T. 2012-03-05 20:35:30 UTC
I just had this problem trying to add SSI to an existing server.

The server had the global settings for Options as:

<Directory />
    Options FollowSymLinks
Comment 15 Mikhail T. 2012-03-05 20:38:21 UTC
(Sorry, submitted before I finished typing.)

I added (on the global level) the:

Options +Includes
XBitHack on

but the SSIs were not parsed and the server kept telling me, Includes is not enabled.

I had to modify the existing Options-line to read:

    Options FollowSymLinks Includes
    AllowOverride None

to get SSI to work.
Comment 16 Semion 2018-08-02 16:58:13 UTC
Created attachment 36070 [details]
vhost config (not related to this defect)
Comment 17 Semion 2018-08-02 17:01:35 UTC
Need to load libraries with same internal names, but with different location.
They written in that way, that uses same module name but with different internal version, which controlled when do connect to database servers.
In example there is:
server1 with version
server2 with version
For connection it require lib with strongly same versions.
But as module for apache it have same name "_1cws_module".
Now it load only first module in config, other ignored.
As I understand - apache keep in cache names, see that it already load module with requested name and didnot load new module.
Comment 18 William A. Rowe Jr. 2018-08-03 19:42:40 UTC
Comment on attachment 36070 [details]
vhost config (not related to this defect)

Comment 11 is the correct analysis, the newly added comments have no relation to this bug, and I will strike the attachment.

Two different versions of a DB provider cannot be loaded in process at once... Too many symbol collisions, so these new comments would be rejected as a bug report as invalid.
Comment 19 Semion 2018-08-03 20:23:44 UTC
(In reply to William A. Rowe Jr. from comment #18)
> Two different versions of a DB provider cannot be loaded in process at
> once...
Clearly understand.
Is there plans to workaround this ?
Really need it (IIS can do this simple).
Comment 20 William A. Rowe Jr. 2018-08-13 17:01:55 UTC

If you want to start a new ticket, please feel free to do so.
It sill be closed invalid, however, because of flat namespaces two modules with identical symbol names cannot be loaded in Linux and similar. IIS can do this because Windows uses a two level namespace.