You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by gs...@apache.org on 2001/04/17 13:07:19 UTC
cvs commit: httpd-2.0/modules/dav/main mod_dav.c mod_dav.h util.c
gstein 01/04/17 04:07:18
Modified: modules/dav/main mod_dav.c mod_dav.h util.c
Log:
allow non-absolute URIs to occur in some of the requests. RFC 2518 states
that the Destination: header (used in MOVE/COPY) must be an absolute URI, so
it keeps that constraint.
Revision Changes Path
1.56 +4 -4 httpd-2.0/modules/dav/main/mod_dav.c
Index: mod_dav.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/dav/main/mod_dav.c,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -u -r1.55 -r1.56
--- mod_dav.c 2001/04/14 13:10:22 1.55
+++ mod_dav.c 2001/04/17 11:07:02 1.56
@@ -2522,7 +2522,7 @@
return HTTP_BAD_REQUEST;
}
- lookup = dav_lookup_uri(dest, r);
+ lookup = dav_lookup_uri(dest, r, 1 /* must_be_absolute */);
if (lookup.rnew == NULL) {
if (lookup.err.status == HTTP_BAD_REQUEST) {
/* This supplies additional information for the default message. */
@@ -3686,7 +3686,7 @@
/* if target is a version, resolve the version resource */
/* ### dav_lookup_uri only allows absolute URIs; is that OK? */
if (!is_label) {
- lookup = dav_lookup_uri(target, r);
+ lookup = dav_lookup_uri(target, r, 0 /* must_be_absolute */);
if (lookup.rnew == NULL) {
if (lookup.err.status == HTTP_BAD_REQUEST) {
/* This supplies additional information for the default message. */
@@ -4156,7 +4156,7 @@
/* get a subrequest for the source, so that we can get a dav_resource
for that source. */
- lookup = dav_lookup_uri(source, r);
+ lookup = dav_lookup_uri(source, r, 0 /* must_be_absolute */);
if (lookup.rnew == NULL) {
if (lookup.err.status == HTTP_BAD_REQUEST) {
/* This supplies additional information for the default message. */
@@ -4278,7 +4278,7 @@
return HTTP_BAD_REQUEST;
}
- lookup = dav_lookup_uri(dest, r);
+ lookup = dav_lookup_uri(dest, r, 0 /* must_be_absolute */);
if (lookup.rnew == NULL) {
if (lookup.err.status == HTTP_BAD_REQUEST) {
/* This supplies additional information for the default message. */
1.49 +2 -1 httpd-2.0/modules/dav/main/mod_dav.h
Index: mod_dav.h
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/dav/main/mod_dav.h,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -u -r1.48 -r1.49
--- mod_dav.h 2001/04/14 13:10:23 1.48
+++ mod_dav.h 2001/04/17 11:07:07 1.49
@@ -491,7 +491,8 @@
} dav_lookup_result;
-dav_lookup_result dav_lookup_uri(const char *uri, request_rec *r);
+dav_lookup_result dav_lookup_uri(const char *uri, request_rec *r,
+ int must_be_absolute);
/* defines type of property info a provider is to return */
typedef enum {
1.28 +45 -30 httpd-2.0/modules/dav/main/util.c
Index: util.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/dav/main/util.c,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -u -r1.27 -r1.28
--- util.c 2001/04/14 13:10:23 1.27
+++ util.c 2001/04/17 11:07:09 1.28
@@ -183,7 +183,8 @@
** If NULL is returned, then an error occurred with parsing the URI or
** the URI does not match the current server.
*/
-dav_lookup_result dav_lookup_uri(const char *uri, request_rec * r)
+dav_lookup_result dav_lookup_uri(const char *uri, request_rec * r,
+ int must_be_absolute)
{
dav_lookup_result result = { 0 };
const char *scheme;
@@ -200,38 +201,13 @@
}
/* the URI must be an absoluteURI (WEBDAV S9.3) */
- if (comp.scheme == NULL) {
+ if (comp.scheme == NULL && must_be_absolute) {
result.err.status = HTTP_BAD_REQUEST;
result.err.desc = "Destination URI must be an absolute URI.";
return result;
}
- /* ### not sure this works if the current request came in via https: */
- scheme = r->parsed_uri.scheme;
- if (scheme == NULL)
- scheme = ap_http_method(r);
-
- /* insert a port if the URI did not contain one */
- if (comp.port == 0)
- comp.port = ap_default_port_for_scheme(comp.scheme);
-
- /* now, verify that the URI uses the same scheme as the current request.
- the port, must match our port.
- the URI must not have a query (args) or a fragment
- */
- apr_sockaddr_port_get(&port, r->connection->local_addr);
- if (strcasecmp(comp.scheme, scheme) != 0 ||
- comp.port != port) {
- result.err.status = HTTP_BAD_GATEWAY;
- result.err.desc = apr_psprintf(r->pool,
- "Destination URI refers to different "
- "scheme or port (%s://hostname:%d)"
- APR_EOL_STR "(want: %s://hostname:%d)",
- comp.scheme ? comp.scheme : scheme,
- comp.port ? comp.port : port,
- scheme, port);
- return result;
- }
+ /* the URI must not have a query (args) or a fragment */
if (comp.query != NULL || comp.fragment != NULL) {
result.err.status = HTTP_BAD_REQUEST;
result.err.desc =
@@ -240,6 +216,44 @@
return result;
}
+ /* If the scheme or port was provided, then make sure that it matches
+ the scheme/port of this request. If the request must be absolute,
+ then require the (explicit/implicit) scheme/port be matching.
+
+ ### hmm. if a port wasn't provided (does the parse return port==0?),
+ ### but we're on a non-standard port, then we won't detect that the
+ ### URI's port implies the wrong one.
+ */
+ if (comp.scheme != NULL || comp.port != 0 || must_be_absolute)
+ {
+ /* ### not sure this works if the current request came in via https: */
+ scheme = r->parsed_uri.scheme;
+ if (scheme == NULL)
+ scheme = ap_http_method(r);
+
+ /* insert a port if the URI did not contain one */
+ if (comp.port == 0)
+ comp.port = ap_default_port_for_scheme(comp.scheme);
+
+ /* now, verify that the URI uses the same scheme as the current.
+ request. the port must match our port.
+ */
+ apr_sockaddr_port_get(&port, r->connection->local_addr);
+ if (strcasecmp(comp.scheme, scheme) != 0 ||
+ comp.port != port) {
+ result.err.status = HTTP_BAD_GATEWAY;
+ result.err.desc = apr_psprintf(r->pool,
+ "Destination URI refers to "
+ "different scheme or port "
+ "(%s://hostname:%d)" APR_EOL_STR
+ "(want: %s://hostname:%d)",
+ comp.scheme ? comp.scheme : scheme,
+ comp.port ? comp.port : port,
+ scheme, port);
+ return result;
+ }
+ }
+
/* we have verified the scheme, port, and general structure */
/*
@@ -254,8 +268,9 @@
** ### maybe the admin should list the unqualified hosts in a
** ### <ServerAlias> block?
*/
- if (strrchr(comp.hostname, '.') == NULL &&
- (domain = strchr(r->server->server_hostname, '.')) != NULL) {
+ if (comp.hostname != NULL
+ && strrchr(comp.hostname, '.') == NULL
+ && (domain = strchr(r->server->server_hostname, '.')) != NULL) {
comp.hostname = apr_pstrcat(r->pool, comp.hostname, domain, NULL);
}