www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-05 16:55:50 +03:00
Code Activity
34,172 Commits 62 Branches 304 Tags
trunk
Commit Graph

18 Commits

Author SHA1 Message Date
Eric Covener
6b7a8cc7c1 PR56040: add SessionCookieMaxAge On/Off 
Allows mod_session cookies to out as "session" cookies.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1874675 13f79535-47bb-0310-9956-ffa450edef68
 2020-03-02 00:58:36 +00:00
Joe Orton
87ff011f6a Also avoid adding the Set-Cookie header in both r->headers_out and 
r->err_headers_out in ap_cookie_remove and ap_cookie_remove2 functions
to avoid duplication in HTTP response.  (Follow-up to r1843244)

Closes #73
PR: 60910
Submitted by: Lubos Uhliarik <luhliari redhat.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869785 13f79535-47bb-0310-9956-ffa450edef68
 2019-11-14 08:39:46 +00:00
Luca Toscano
cb38043244 mod_session_cookie: avoid adding the Set-Cookie header 
in both r->headers_out and r->err_headers_out
                    to avoid duplication.

In session_cookie_save it seems that ap_cookie_write is called
with r->headers_out and r->err_headers_out, ending up in the same
Set-Cookie header on both tables and eventually duplicated in the
HTTP response. I took Emmanuel's patch and trimmed out the bits
that remove the header only from r->err_headers_out (leaving it
to do the work on both tables) as attempt to change this bit of code
in the most conservative way as possible. Sending a commit for
a broader review.

PR: 60910,56098,55278



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1843244 13f79535-47bb-0310-9956-ffa450edef68
 2018-10-09 12:29:08 +00:00
Yann Ylavic
a83e9b4d71 mod_session: Introduce SessionExpiryUpdateInterval which allows to 
configure the session/cookie expiry's update interval. PR 57300.

Submitted by: Paul Spangler <paul.spangler ni.com>
Reviewed/Committed by: ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1709121 13f79535-47bb-0310-9956-ffa450edef68
 2015-10-16 22:36:17 +00:00
Graham Leggett
3eed634c9c CVE-2013-2249 
mod_session_dbd: Make sure that dirty flag is respected when saving 
sessions, and ensure the session ID is changed each time the session 
changes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1488158 13f79535-47bb-0310-9956-ffa450edef68
 2013-05-31 11:13:25 +00:00
Graham Leggett
45eb1cdd06 mod_session: Use apr_status_t as a return code across the mod_session API, 
clarify where we ignore errors and why.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1209603 13f79535-47bb-0310-9956-ffa450edef68
 2011-12-02 17:47:05 +00:00
Stefan Fritsch
7ecccc1570 Remove some more now redundant log prefixes 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1208816 13f79535-47bb-0310-9956-ffa450edef68
 2011-11-30 21:51:51 +00:00
Stefan Fritsch
1882214e86 break some very long lines, no code change 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1063016 13f79535-47bb-0310-9956-ffa450edef68
 2011-01-24 22:12:24 +00:00
Stefan Fritsch
ebb62867fb Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take 
advantage of per-module loglevels


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@951895 13f79535-47bb-0310-9956-ffa450edef68
 2010-06-06 16:59:50 +00:00
Graham Leggett
e3aec99437 Make sure we respect the proper pool lifetimes when saving away a preparsed 
session.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@928238 13f79535-47bb-0310-9956-ffa450edef68
 2010-03-27 17:48:20 +00:00
Graham Leggett
4ed2378c5e mod_session_cookie, mod_session_dbd: Make sure cookies are set both 
within the output headers and error output headers, so that the
session is maintained across redirects.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@690501 13f79535-47bb-0310-9956-ffa450edef68
 2008-08-30 13:37:52 +00:00
Graham Leggett
0ec83e8b1b mod_session_cookie: Make sure that cookie attributes are correctly 
included in the blank cookie when cookies are removed. This fixes an
inability to log out when using mod_auth_form.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@690400 13f79535-47bb-0310-9956-ffa450edef68
 2008-08-29 21:49:27 +00:00
William A. Rowe Jr
87ae720808 You don't export registered entry points 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@664217 13f79535-47bb-0310-9956-ffa450edef68
 2008-06-07 00:46:19 +00:00
Graham Leggett
679377d732 Fix the method used to detect the root of the request tree when subrequests 
are present.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@654137 13f79535-47bb-0310-9956-ffa450edef68
 2008-05-07 15:03:58 +00:00
Graham Leggett
6919d5d261 Change the directives within the mod_session* modules to be valid 
both inside and outside the location/directory sections, as suggested
by wrowe.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@646304 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-09 12:39:33 +00:00
Graham Leggett
36500032fc Insert prototypes to remove compiler warnings. [Joe Orton] 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@646126 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-08 23:12:12 +00:00
Paul Querna
a324a1d72f Remove all references to CORE_PRIVATE. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@645455 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-07 10:45:43 +00:00
Graham Leggett
7d5bef8273 mod_session_cookie: Add a session implementation capable of storing 
session information within cookies on the browser. Useful for high
volume sites where server bound sessions are too resource intensive.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@644748 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-04 16:02:22 +00:00