File move_subrequest_test.patch of Package apache2-mod_auth_mellon

--- mod_auth_mellon-0.19.1/auth_mellon_handler.c	2025/03/04 11:23:53	1.1
+++ mod_auth_mellon-0.19.1/auth_mellon_handler.c	2025/03/04 11:24:38
@@ -3862,6 +3862,12 @@
     am_cache_entry_t *session;
     const char *ajax_header;
 
+    /* Check that the user has enabled authentication for this directory. */
+    if(dir->enable_mellon == am_enable_off
+       || dir->enable_mellon == am_enable_default) {
+	return DECLINED;
+    }
+
     if (r->main) {
         /* We are a subrequest. Trust the main request to have
          * performed the authentication.
@@ -3869,12 +3875,6 @@
         return OK;
     }
 
-    /* Check that the user has enabled authentication for this directory. */
-    if(dir->enable_mellon == am_enable_off
-       || dir->enable_mellon == am_enable_default) {
-	return DECLINED;
-    }
-
     am_diag_printf(r, "enter function %s\n", __func__);
 
     /* Set defaut Cache-Control headers within this location */
@@ -4026,6 +4026,12 @@
     am_cache_entry_t *session;
     int return_code = HTTP_UNAUTHORIZED;
 
+    /* Check that the user has enabled authentication for this directory. */
+    if(dir->enable_mellon == am_enable_off
+       || dir->enable_mellon == am_enable_default) {
+	return DECLINED;
+    }
+
     if (r->main) {
         /* We are a subrequest. Trust the main request to have
          * performed the authentication.
@@ -4039,12 +4045,6 @@
         return OK;
     }
 
-    /* Check that the user has enabled authentication for this directory. */
-    if(dir->enable_mellon == am_enable_off
-       || dir->enable_mellon == am_enable_default) {
-	return DECLINED;
-    }
-
     am_diag_printf(r, "enter function %s\n", __func__);
 
 #ifdef HAVE_ECP