www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2026-01-13 21:42:17 +03:00
Code Activity
26,123 Commits 62 Branches 306 Tags
a902bda00305697d3bea379db7aa0894de8e5a1e
Commit Graph

833 Commits

Author SHA1 Message Date
Jeff Trawick
d0edc26214 the fixup hook should log (what is expected to be) local 
path just like the translate name hook, for a small hint
when debugging 400 errors set just below


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1596963 13f79535-47bb-0310-9956-ffa450edef68
 2014-05-22 20:29:29 +00:00
Eric Covener
8b7d9aa142 stop setting context info for AliasMatch. These concepts do not really map 
well/reliably to AliasMatch.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1593745 13f79535-47bb-0310-9956-ffa450edef68
 2014-05-10 23:43:48 +00:00
Jim Jagielski
2aa898bb2f strncmp(r->filename, "proxy:", 6) is faster than a 
note. Plus, allows for checking even if not due to
rewrite.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1588544 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-18 19:21:35 +00:00
Eric Covener
911f522c2a add BNP flag to give control to the user on whether a space ' ' in 
an escaped backrefernece is decoded to a + (default) or %20. Useful
if your backreference isn't going into the query string.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1585157 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-05 18:40:36 +00:00
Eric Covener
0bfd7243b3 allow users to workaround the over-agressive backreference 
escaping by selecting the characters to escape. 



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1584417 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-03 21:53:14 +00:00
Rainer Jung
8ac4515e60 Fix segfault in mod_alias introduced in r1132494. 
AliasMatch does not append unmatched parts of the
original URI to the  new URI. So no need to subtract
anything from the new URI length.

The existing code crashed when using
"AliasMatch / /some/thing" and sending a request
with a long URI.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1583175 13f79535-47bb-0310-9956-ffa450edef68
 2014-03-30 18:20:09 +00:00
Jeff Trawick
e280cf4ff7 normalize an ugly construct which somehow manages to return the correct value 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1571369 13f79535-47bb-0310-9956-ffa450edef68
 2014-02-24 17:52:08 +00:00
Eric Covener
4ef49e127a *) mod_rewrite: Add RewriteOptions InheritDown, InheritDownBefore, 
and IgnoreInherit to allow RewriteRules to be pushed from parent scopes
     to child scopes without explicitly configuring each child scope.
     PR56153. 

Submitted By: Edward Lu
Committed By: covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1570288 13f79535-47bb-0310-9956-ffa450edef68
 2014-02-20 18:08:31 +00:00
Eric Covener
c1ae372322 Add %{CONN_REMOTE_ADDR} to mod_rewrite. PR56094 
Submitted By: Edward Lu <Chaosed0 gmail com>
Committed By: covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1563418 13f79535-47bb-0310-9956-ffa450edef68
 2014-02-01 14:02:29 +00:00
Chris Darroch
5a1062d275 Skip DirectoryIndex execution unless method is GET or POST, restoring 
2.2 behavior when using mod_dav. PR 54914.

Otherwise, variable behavior results: if no DirectoryIndex file is found,
mod_dav's r->handler runs as expected.  But if an index file is found,
r->handler will be changed by ap_internal_fast_redirect() to something
other than mod_dav's r->handler, while r->method is left unchanged,
usually leading to a 405 response.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1561447 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-26 04:09:45 +00:00
Jim Jagielski
72df6b36bf make mod_rewrite and mod_proxy UDS work together... 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1560367 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-22 14:54:21 +00:00
Eric Covener
3c8e6bbaf8 no make depend in sandbox, fix bld break from r1559394 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1559398 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-18 19:36:17 +00:00
Eric Covener
99ca42198f followups to r1557641 suggested by nd -- add 
prefix to both the macro and the handler name 
itself.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1559394 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-18 19:14:14 +00:00
Eric Covener
6d582e83aa don't search for directory indexes/directoryslashes if a URL is in the 
middle of being rewritten [in per-dir context]. PR53929


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1557641 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-13 01:51:58 +00:00
Eric Covener
ae4277941e restore http://svn.apache.org/viewvc?view=revision&revision=233369 
under a configurable option: don't run mod_dir if r->handler is already set.

PR53794



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1557640 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-13 01:42:12 +00:00
Eric Covener
1914219d4b mod_dir: rename the on/off/unset enum so it doesn't look so funny if 
used by other flags.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1557639 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-13 01:29:25 +00:00
Christophe Jaillet
409bc6238b - Rename variable 
- Remove #define WANT_BASENAME_MATCH and define a new option 'CheckBasenameMatch' to control this behaviour
- Remove outdated comments

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1557580 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-12 18:11:04 +00:00
Eric Covener
be6ef336b2 avoid a tight busy loop with memory allocations when the [N] flag 
isn't making progress.

If backported, probably increase the hard-coded limit to 32k from 10k.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1556206 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-07 13:07:51 +00:00
Christophe Jaillet
616caeceae 'ap_getword_conf' can not return NULL 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1551011 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-15 10:28:58 +00:00
Christophe Jaillet
553054d0ba Fix missing spaces in messages 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1546860 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-01 21:13:56 +00:00
Jim Jagielski
ef357793f4 *) mod_rewrite: Make rewrite websocket aware to allow proxying. 
PR 55598. [Chris Harris <chris.harris kitware com>]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1528556 13f79535-47bb-0310-9956-ffa450edef68
 2013-10-02 16:38:39 +00:00
Christophe Jaillet
0b0ea715a1 Correct the behaviour of CheckCaseOnly in mod_speling, according to the doc. 
PR 44221 [Rainer Perske <perske uni-muenster de>]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1505279 13f79535-47bb-0310-9956-ffa450edef68
 2013-07-21 06:21:23 +00:00
Eric Covener
e4e1533f6a include util_charset.h in ebcdic builds 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1499025 13f79535-47bb-0310-9956-ffa450edef68
 2013-07-02 17:16:47 +00:00
Christophe Jaillet
bb69ec6cfe Remove useless tests. 
Turn
   if (*x && apr_isspace(*x))
into
   if (apr_isspace(*x))

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1452128 13f79535-47bb-0310-9956-ffa450edef68
 2013-03-03 21:25:46 +00:00
Eric Covener
08b292cec6 Unbreak default case of RewriteBase not being set after r1410681 
Contributed By: Evgeny Barsukov
Reviewed By: covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1447426 13f79535-47bb-0310-9956-ffa450edef68
 2013-02-18 18:46:23 +00:00
Eric Covener
f19f43afc9 fix r1416889 a different way -- the referer should be const too. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1422253 13f79535-47bb-0310-9956-ffa450edef68
 2012-12-15 14:27:52 +00:00
Eric Covener
f6949ccc77 const fixes for mod_imagemap, fatal on old xlc due to returning apr_table_get result 
from non const function.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1422234 13f79535-47bb-0310-9956-ffa450edef68
 2012-12-15 12:34:56 +00:00
Guenter Knauf
2e2939bd83 Fixed type mismatch. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1416889 13f79535-47bb-0310-9956-ffa450edef68
 2012-12-04 11:24:06 +00:00
Jim Jagielski
18cc8e835b CVE-2012-3499 and CVE-2012-4558 
Be sure to escape potential troubled strings


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1413732 13f79535-47bb-0310-9956-ffa450edef68
 2012-11-26 17:18:54 +00:00
Eric Covener
5d16310f14 PR53963: don't merge the rewritebase down w/o an opt-in 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1410681 13f79535-47bb-0310-9956-ffa450edef68
 2012-11-17 02:59:31 +00:00
Jim Jagielski
ec425400e6 Remove warnings 
mod_speling.c:400:41: warning: data argument not used by format string [-Wformat-extra-args]
                          r->uri, nuri, ref);
                                                                                                                        mod_speling.c:508:53: warning: data argument not used by format string [-Wformat-extra-args]
                          r->uri, candidates->nelts, ref);

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1407460 13f79535-47bb-0310-9956-ffa450edef68
 2012-11-09 14:04:22 +00:00
Christophe Jaillet
0def67cc81 cppcheck: arrayIndexThenCheck - change the order of the tests in order to avoid a 
potential out-of-bound access. I think that this module is obsolete, but doing so reduces
the noise in cppcheck output...

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1398480 13f79535-47bb-0310-9956-ffa450edef68
 2012-10-15 19:53:22 +00:00
Christophe Jaillet
2bf89abdc0 ccpcheck: duplicateExpression - 'vary_by_language' is tested twice 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1398478 13f79535-47bb-0310-9956-ffa450edef68
 2012-10-15 19:49:23 +00:00
Vincent Deffontaines
df9bff231b FallbackResource : Support for the 'disabled' argument 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1398066 13f79535-47bb-0310-9956-ffa450edef68
 2012-10-14 12:26:55 +00:00
Guenter Knauf
7814748ab3 NetWare build tweaks. 
Make more use of internal makefile macros;
axed now obsolete include paths.
Submitted by: normw gknw net.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1371177 13f79535-47bb-0310-9956-ffa450edef68
 2012-08-09 12:11:09 +00:00
Stefan Fritsch
76949b5e25 remove now unecessary assignment 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1369999 13f79535-47bb-0310-9956-ffa450edef68
 2012-08-06 20:42:51 +00:00
Stefan Fritsch
ce4178c36f Use apr_pcalloc for rewritemap_entry struct, to avoid uninitialized entries. 
PR: 53663
Submitted by: Mikhail T. <mi apache aldan algebra com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1369995 13f79535-47bb-0310-9956-ffa450edef68
 2012-08-06 20:40:37 +00:00
Stefan Fritsch
1eea823bf2 style fix 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1359857 13f79535-47bb-0310-9956-ffa450edef68
 2012-07-10 19:45:27 +00:00
Eric Covener
e10a9c65a2 add a pointer to 'rewriteoptions', without giving away the option name, if someone 
happens to have rewrite trace on when mod_rewrite declines a non URL-path.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1356813 13f79535-47bb-0310-9956-ffa450edef68
 2012-07-03 16:19:29 +00:00
Joe Orton
83acd755ee * modules/mappers/mod_rewrite.c (cmd_rewriteoptions, hook_uri2file): 
Add "AllowAnyURI" flag which disables the strict URL-path input
  string check introduced to fix CVE-2011-3368/CVE-2011-4317.

* docs/manual: Update docs.

Inspired by: covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1356115 13f79535-47bb-0310-9956-ffa450edef68
 2012-07-02 08:51:01 +00:00
Joe Orton
885e76bebb SECURITY: CVE-2012-2687 (cve.mitre.org): 
mod_negotiation: Escape filenames in variant list to prevent an
possible XSS for a site where untrusted users can upload files to a
location with MultiViews enabled.

* modules/mappers/mod_negotiation.c (make_variant_list): Escape
  filenames in variant list.

Submitted by: Niels Heinen <heinenn google.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1349905 13f79535-47bb-0310-9956-ffa450edef68
 2012-06-13 15:33:48 +00:00
Stefan Fritsch
fe4f92509b Replace use of apr_file_write() with apr_file_write_full() to prevent 
incomplete writes.

Add comments in some places where error handling/logging is missing.

PR: 53131.
Submitted by: Nicolas Viennot <apache viennot biz>, Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1331110 13f79535-47bb-0310-9956-ffa450edef68
 2012-04-26 21:44:51 +00:00
André Malo
a6b17d7562 mod_rewrite: Fix RewriteCond integer checks to be parsed correctly. 
PR: 53023
Submitted by: Axel Reinhold <apache freakout.de>
Reviewed/Updated by: nd


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1309602 13f79535-47bb-0310-9956-ffa450edef68
 2012-04-04 21:20:37 +00:00
André Malo
275799f42c static scope for rewritemap_mutex_type. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1309585 13f79535-47bb-0310-9956-ffa450edef68
 2012-04-04 20:33:59 +00:00
Eric Covener
7ab4cfe81a PR52845: "DirectoryIndex disabled" should blow away the DirectoryIndex settings 
in the current config section, not just override previous config sections.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1297958 13f79535-47bb-0310-9956-ffa450edef68
 2012-03-07 12:42:09 +00:00
Eric Covener
23c21127c0 revert "overloaded" recent additions to mod_rewrite 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1239872 13f79535-47bb-0310-9956-ffa450edef68
 2012-02-02 21:51:36 +00:00
Eric Covener
67ffac76d3 add an internal sleep map function that expands to an empty string. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1239681 13f79535-47bb-0310-9956-ffa450edef68
 2012-02-02 15:51:09 +00:00
Eric Covener
38982673f2 treat a rewriterule substitution that expands to "-" as if the rule 
had a literal "-".


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1239679 13f79535-47bb-0310-9956-ffa450edef68
 2012-02-02 15:43:41 +00:00
Jim Jagielski
d052a532be https also needs QS 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1236350 13f79535-47bb-0310-9956-ffa450edef68
 2012-01-26 19:14:58 +00:00
Jeff Trawick
6635e5a3da Adjust CVE-2011-3368/CVE-2011-4317 fixes to rely solely on 
core's translate-name to fail unsupported URIs.

Rewrite and proxy now decline what they don't support rather
than fail the request.

Suggested by: trawick
Implemented by: jorton
Tweaked by: wrowe


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1233604 13f79535-47bb-0310-9956-ffa450edef68
 2012-01-19 22:23:15 +00:00