The code reverted attempted to restrict comparisons of the r->filename
to given DirectoryMatch blocks.
r->filename was already a non-directory entity at this point, because we
have already fallen out of the } while (thisinfo.filetype == APR_DIR);
block above.
The addition of r->d_is_directory was redundant. That is what is always
returned by ap_get_core_module_config(r->per_dir_config).
Note modifying dir_config required an MMN major bump as this commit could
have realigned the offset of refs (had it been added to the end, this
would correspond to an mmn minor bump) and other fields packed into the
same bytes (this is undefined). Bump on revert to prevent unexpected crashes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1653666 13f79535-47bb-0310-9956-ffa450edef68
core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier. Adds "MergeTrailers" directive to restore
legacy behavior.
Submitted By: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener
Committed By: covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610814 13f79535-47bb-0310-9956-ffa450edef68
Allows for several "connections" all resulting in
a single real connection that talks to the network.
Right now, nothing uses this though.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1565657 13f79535-47bb-0310-9956-ffa450edef68
HttpContentLengthHeadZero - allow Content-Length of 0 to be returned on HEAD
HttpExpectStrict - allow admin to control whether we must see "100-continue"
This is helpful when using Ceph's radosgw and httpd.
Inspired by: Yehuda Sadeh <yehuda@inktank.com>
See https://github.com/ceph/apache2/commits/precise
* include/http_core.h
(core_server_config): Add http_cl_head_zero and http_expect_strict fields.
* modules/http/http_filters.c
(ap_http_header_filter): Only clear out the C-L if http_cl_head_zero is not
explictly set.
* server/core.c
(merge_core_server_configs): Add new fields.
(set_cl_head_zero, set_expect_strict): New config helpers.
(HttpContentLengthHeadZero, HttpExpectStrict): Declare new directives.
* server/protocol.c
(ap_read_request): Allow http_expect_strict to control if we return 417.
* include/ap_mmn.h
(MODULE_MAGIC_NUMBER_MAJOR, MODULE_MAGIC_NUMBER_MINOR): Bump.
* CHANGES: Add a brief description.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554303 13f79535-47bb-0310-9956-ffa450edef68
This is a first stab, the checks will likely have to be revised.
For now, we check
* if the request line contains control characters
* if the request uri has fragment or username/password
* that the request method is standard or registered with RegisterHttpMethod
* that the request protocol is of the form HTTP/[1-9]+.[0-9]+,
or missing for 0.9
* if there is garbage in the request line after the protocol
* if any request header contains control characters
* if any request header has an empty name
* for the host name in the URL or Host header:
- if an IPv4 dotted decimal address: Reject octal or hex values, require
exactly four parts
- if a DNS host name: Reject non-alphanumeric characters besides '.' and
'-'. As a side effect, this rejects multiple Host headers.
* if any response header contains control characters
* if any response header has an empty name
* that the Location response header (if present) has a valid scheme and is
absolute
If we have a host name both from the URL and the Host header, we replace the
Host header with the value from the URL to enforce RFC conformance.
There is a log-only mode, but the loglevels of the logged messages need some
thought/work. Currently, the checks for incoming data log for 'core' and the
checks for outgoing data log for 'http'. Maybe we need a way to configure the
loglevels separately from the core/http loglevels.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426877 13f79535-47bb-0310-9956-ffa450edef68
This reverts r1407643, but changes the syntax of HttpProtocol to
min=0.9|1.0, which is less ambiguous than the previous +0.9|-0.9.
Allowing to configure an arbitrary version range was a bad idea,
because it only checked the version in the request line, without
affecting the semantics of the headers, etc.
A tighter restriction off the version in the request line is still
possible with <If "%{SERVER_PROTOCOL_NUM} ..."> .
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425366 13f79535-47bb-0310-9956-ffa450edef68
excluded from this cleanup as they must be signature identical to the
clib functions, and although the definition of size_t has been flakey,
the definition of those functions appears to be generally clean since
ANSI C.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1228323 13f79535-47bb-0310-9956-ffa450edef68
everywhere.
We know that the core module has module_index 0. Therefore we can save
some pointer operations in ap_get_module_config(cv, &core_module) and
ap_set_module_config(cv, &core_module, val). As these are called rather often,
this may actually have some (small) measurable effect.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1132781 13f79535-47bb-0310-9956-ffa450edef68
and context document root (which is the file system directory that
this URL prefix is mapped to). This generalization of the document
root makes it easier for scripts to create self-referential URLs and
to find their files.
- Expose CONTEXT_DOCUMENT_ROOT and CONTEXT_PREFIX as envvars, in mod_rewrite,
and in ap_expr.
- Make mod_alias and mod_userdir set the context information.
- Allow to override the document root on a per-request basis. This allows
mass vhosting modules to set DOCUMENT_ROOT correctly.
- Make mod_vhost_alias set the per-request document root
PR: 26052, 46198, 49705
Remaining tasks:
- Use the context document root & prefix in mod_rewrite to make RewriteBase
unneccessary in many cases. Do this without breaking compatibility.
- Write docs.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1132494 13f79535-47bb-0310-9956-ffa450edef68
necessary if a module (like mod_perl) registers additional modules later than the
EXEC_ON_READ phase.
Tested by: Torsten Foertsch <torsten foertsch gmx net>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1096569 13f79535-47bb-0310-9956-ffa450edef68
in request URL path info but not decode them. Change behavior of option
"On" to decode the encoded slashes as 2.0 and 2.2 do. PR 35256,
PR 46830.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1082196 13f79535-47bb-0310-9956-ffa450edef68
if the current configuration run is the initial one at server startup,
and if the server is started for testing/config dumping only.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1070151 13f79535-47bb-0310-9956-ffa450edef68
This makes <If> apply to all requests, not only to file base requests and
it allows to use <If> inside <Directory>, <Location>, and <Files> sections.
The merging of <If> sections always happens after the merging of <Location>
sections, even if the <If> section is embedded inside a <Directory> or
<Files> section.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1059867 13f79535-47bb-0310-9956-ffa450edef68
the new parser. Rework ap_expr's public interface and provide hooks for modules
to add variables and functions.
The Netware and Windows build files still need to be adjusted
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1032073 13f79535-47bb-0310-9956-ffa450edef68
