mirror of
https://github.com/apache/httpd.git
synced 2025-08-08 15:02:10 +03:00
mod_proxy: ap_proxy_create_hdrbrgd() to clear hop-by-hop first and fixup last.
So that ap_proxy_clear_connection() runs on the original headers only and proxy_run_fixups() on the final ones. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901461 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Yann Ylavic
@@ -3944,6 +3944,37 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
|||||||
*/
|
*/
|
||||||
r->headers_in = apr_table_copy(r->pool, saved_headers_in);
|
r->headers_in = apr_table_copy(r->pool, saved_headers_in);
|
||||||
|
|
||||||
|
/* Return the original Transfer-Encoding and/or Content-Length values
|
||||||
|
* then drop the headers, they must be set by the proxy handler based
|
||||||
|
* on the actual body being forwarded.
|
||||||
|
*/
|
||||||
|
if ((*old_te_val = (char *)apr_table_get(r->headers_in,
|
||||||
|
"Transfer-Encoding"))) {
|
||||||
|
apr_table_unset(r->headers_in, "Transfer-Encoding");
|
||||||
|
}
|
||||||
|
if ((*old_cl_val = (char *)apr_table_get(r->headers_in,
|
||||||
|
"Content-Length"))) {
|
||||||
|
apr_table_unset(r->headers_in, "Content-Length");
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Clear out hop-by-hop request headers not to forward */
|
||||||
|
if (ap_proxy_clear_connection(r, r->headers_in) < 0) {
|
||||||
|
rc = HTTP_BAD_REQUEST;
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* RFC2616 13.5.1 says we should strip these */
|
||||||
|
apr_table_unset(r->headers_in, "Keep-Alive");
|
||||||
|
apr_table_unset(r->headers_in, "Upgrade");
|
||||||
|
apr_table_unset(r->headers_in, "TE");
|
||||||
|
|
||||||
|
/* FIXME: since we now handle r->trailers_in on forwarding
|
||||||
|
* request bodies, it seems unwise to clear any Trailer
|
||||||
|
* header present. Is this the correct thing now?
|
||||||
|
*/
|
||||||
|
if (force10)
|
||||||
|
apr_table_unset(r->headers_in, "Trailer");
|
||||||
|
|
||||||
/* We used to send `Host: ` always first, so let's keep it that
|
/* We used to send `Host: ` always first, so let's keep it that
|
||||||
* way. No telling which legacy backend is relying no this.
|
* way. No telling which legacy backend is relying no this.
|
||||||
*/
|
*/
|
||||||
@@ -4073,33 +4104,6 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* run hook to fixup the request we are about to send */
|
|
||||||
proxy_run_fixups(r);
|
|
||||||
if (ap_proxy_clear_connection(r, r->headers_in) < 0) {
|
|
||||||
rc = HTTP_BAD_REQUEST;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
|
|
||||||
creds = apr_table_get(r->notes, "proxy-basic-creds");
|
|
||||||
if (creds) {
|
|
||||||
apr_table_mergen(r->headers_in, "Proxy-Authorization", creds);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Clear out hop-by-hop request headers not to send
|
|
||||||
* RFC2616 13.5.1 says we should strip these headers
|
|
||||||
*/
|
|
||||||
apr_table_unset(r->headers_in, "Keep-Alive");
|
|
||||||
apr_table_unset(r->headers_in, "TE");
|
|
||||||
|
|
||||||
/* FIXME: since we now handle r->trailers_in on forwarding
|
|
||||||
* request bodies, it seems unwise to clear any Trailer
|
|
||||||
* header present. Is this the correct thing now?
|
|
||||||
*/
|
|
||||||
if (force10)
|
|
||||||
apr_table_unset(r->headers_in, "Trailer");
|
|
||||||
|
|
||||||
apr_table_unset(r->headers_in, "Upgrade");
|
|
||||||
|
|
||||||
/* Do we want to strip Proxy-Authorization ?
|
/* Do we want to strip Proxy-Authorization ?
|
||||||
* If we haven't used it, then NO
|
* If we haven't used it, then NO
|
||||||
* If we have used it then MAYBE: RFC2616 says we MAY propagate it.
|
* If we have used it then MAYBE: RFC2616 says we MAY propagate it.
|
||||||
@@ -4110,19 +4114,6 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
|||||||
apr_table_unset(r->headers_in, "Proxy-Authorization");
|
apr_table_unset(r->headers_in, "Proxy-Authorization");
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Return the original Transfer-Encoding and/or Content-Length values
|
|
||||||
* and drop the headers, they must be set by the proxy handler based
|
|
||||||
* on the actual body being forwarded.
|
|
||||||
*/
|
|
||||||
if ((*old_te_val = (char *)apr_table_get(saved_headers_in,
|
|
||||||
"Transfer-Encoding"))) {
|
|
||||||
apr_table_unset(r->headers_in, "Transfer-Encoding");
|
|
||||||
}
|
|
||||||
if ((*old_cl_val = (char *)apr_table_get(saved_headers_in,
|
|
||||||
"Content-Length"))) {
|
|
||||||
apr_table_unset(r->headers_in, "Content-Length");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* for sub-requests, ignore freshness/expiry headers */
|
/* for sub-requests, ignore freshness/expiry headers */
|
||||||
if (r->main) {
|
if (r->main) {
|
||||||
apr_table_unset(r->headers_in, "If-Match");
|
apr_table_unset(r->headers_in, "If-Match");
|
||||||
@@ -4132,6 +4123,15 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
|||||||
apr_table_unset(r->headers_in, "If-None-Match");
|
apr_table_unset(r->headers_in, "If-None-Match");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Add credentials (per worker) if any */
|
||||||
|
creds = apr_table_get(r->notes, "proxy-basic-creds");
|
||||||
|
if (creds) {
|
||||||
|
apr_table_mergen(r->headers_in, "Proxy-Authorization", creds);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* run hook to fixup the request we are about to send */
|
||||||
|
proxy_run_fixups(r);
|
||||||
|
|
||||||
/* Append the (remaining) headers to the brigade */
|
/* Append the (remaining) headers to the brigade */
|
||||||
ap_h1_append_headers(header_brigade, r, r->headers_in);
|
ap_h1_append_headers(header_brigade, r, r->headers_in);
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user