The URL path determines which protected resource is used for a user request. Suppose you create one protected resource with the following URL paths:
/* /test/* /test/
You create a second protected resource with the following path:
/test/*.php
Users then send the following paths in their access requests:
/test/ /test/1/2/3/file.php /file.php /test/file.php /test/file.php?param1=1234
The first three requests (/test/, /test/1/2/3/file.php, and /file.php) match the first protected resource, and the last two requests (/test/file.php and /test/file.php?param1=1234) match the second protected resource.
You then add the following URL path to the first protected resource:
/test/?
This URL path in the first protected resource causes all the requests to match the first protected resource, and the second protected resource is ignored. The ? wildcard, which matches all content in the current directory, takes precedence over the more specific wildcard (*.php).