mod_apparmor in 2.8.3 always used URL-based hats

Bug #1322778 reported by Christian Boltz
This bug affects 1 person
Affects: AppArmor (status tracked in Master)
  2.8: Status Fix Released, Importance High, Assigned to Steve Beattie
  Master: Status Fix Released, Importance High, Assigned to Steve Beattie

Bug Description

I have lots of <VirtualHost *:80> with AADefaultHatName vhost_whatever

However, starting with mod_apparmor 2.8.3, a URL-based hat is used for all requests; the AADefaultHatName is ignored.

From #apparmor:
[01:23:14] <cboltz> I could even argue that the URL-based hat allows to "steal" permissions
[01:23:30] <cboltz> imagine a vhost has a /foo.php
[01:23:52] <cboltz> now someone could add another /foo.php to a different vhost which would get the same hat as the first one
[01:24:09] <cboltz> (the URL-based hats don't contain any hints about which vhost they use)
[01:26:20] <sbeattie> right. You'd like the URL based hatname to incorporate some sort of representation of the vhost
[01:27:01] <cboltz> that might be a solution, yes
[01:27:05] <sbeattie> cboltz: can you open a bug, please?
[01:27:16] <cboltz> yes
[01:27:33] <cboltz> however I'm not sure what the best solution is
[01:27:48] <sbeattie> cboltz: well, I think I'm almost convinced that the ordering should be AAHatName, AADefaultHatName, vhost+URI, URI, DEFAULT_HAT.
[01:28:21] <sbeattie> but not entirely sure.
[01:28:32] <cboltz> yes, looks like a good order
[01:29:41] <cboltz> maybe s/vhost+URI/full path/
[01:29:56] <cboltz> (how would that work with "virtual" mod_rewrite-based "filenames"?)

A patch for the 2.8 branch that prefers AADefaultHatName over the URL-based hat would be more than welcome ;-)
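
The hat collision and the lookup order discussed in the log above, as a small C model added here; it is not mod_apparmor's code. It assumes the first candidate hat that exists in the profile is selected, and the host names, hat names, the "<vhost>-<uri>" naming and the literal "DEFAULT_HAT" string are constructed placeholders.

```c
#include <stdio.h>
#include <string.h>

/* One request as the module would see it; all values are constructed. */
struct request {
    const char *vhost;       /* name of the matching <VirtualHost> */
    const char *uri;         /* request URI */
    const char *aa_hat;      /* AAHatName, NULL if unset */
    const char *aa_default;  /* AADefaultHatName, NULL if unset */
};

/* Constructed profile: two per-vhost hats plus one URL-based hat. */
const char *PROFILE_HATS[] = { "vhost_shop", "vhost_blog", "/foo.php" };
const int N_HATS = 3;
const struct request REQ_SHOP = { "shop.example", "/foo.php", NULL, "vhost_shop" };
const struct request REQ_BLOG = { "blog.example", "/foo.php", NULL, "vhost_blog" };

/* Assumption of this model: the first candidate that exists in the profile wins. */
const char *first_existing(const char *cand[], int n)
{
    for (int i = 0; i < n; i++)
        for (int j = 0; cand[i] && j < N_HATS; j++)
            if (strcmp(cand[i], PROFILE_HATS[j]) == 0)
                return PROFILE_HATS[j];
    return NULL;
}

/* Behaviour described in the report: URL-based hat used, AADefaultHatName ignored. */
const char *select_reported(const struct request *r)
{
    const char *cand[] = { r->uri, "DEFAULT_HAT" /* placeholder name */ };
    return first_existing(cand, 2);
}

/* Order proposed in the log: AAHatName, AADefaultHatName, vhost+URI, URI, DEFAULT_HAT. */
const char *select_proposed(const struct request *r)
{
    char vhost_uri[256];  /* "<vhost>-<uri>" is a constructed naming scheme */
    snprintf(vhost_uri, sizeof vhost_uri, "%s-%s", r->vhost, r->uri);
    const char *cand[] = { r->aa_hat, r->aa_default, vhost_uri, r->uri, "DEFAULT_HAT" };
    return first_existing(cand, 5);
}

int main(void)
{
    printf("reported: shop -> %s, blog -> %s\n", select_reported(&REQ_SHOP), select_reported(&REQ_BLOG));
    printf("proposed: shop -> %s, blog -> %s\n", select_proposed(&REQ_SHOP), select_proposed(&REQ_BLOG));
    return 0;
}
```

Under the reported behaviour both vhosts end up in the same `/foo.php` hat; with the proposed order each request lands in the hat named by its own AADefaultHatName.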

Steve Beattie (sbeattie)
no longer affects: apparmor/2.9
Steve Beattie (sbeattie) wrote :

Fix committed in lp:apparmor rev 2550 for trunk. The AppArmor 2.8 version of the patch is still awaiting review upstream.

Steve Beattie (sbeattie) wrote :

Fix committed in lp:apparmor/2.8 rev 2130.

Christian Boltz (cboltz) wrote :

2.8.4 was released some days ago.

Changed in apparmor:
status: Fix Committed → Fix Released
Steve Beattie (sbeattie) wrote :

AppArmor 2.9.0 has been released; closing.
