You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2016/08/17 16:24:23 UTC
svn commit: r1756649 - in /httpd/httpd/trunk: docs/manual/mod/core.xml
server/core.c
Author: wrowe
Date: Wed Aug 17 16:24:23 2016
New Revision: 1756649
URL: http://svn.apache.org/viewvc?rev=1756649&view=rev
Log:
Renaming this directive to HttpProtocolOptions after discussion on dev@
Modified:
httpd/httpd/trunk/docs/manual/mod/core.xml
httpd/httpd/trunk/server/core.c
Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=1756649&r1=1756648&r2=1756649&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/core.xml Wed Aug 17 16:24:23 2016
@@ -1250,10 +1250,10 @@ EnableSendfile On
</directivesynopsis>
<directivesynopsis>
-<name>EnforceHTTPProtocol</name>
+<name>HTTPProtocolOptions</name>
<description>Modify restrictions on HTTP Request Messages</description>
-<syntax>EnforceHTTPProtocol [Strict|Unsafe] [Allow0.9|Require1.0]</syntax>
-<default>EnforceHTTPProtocol Strict Allow0.9</default>
+<syntax>HTTPProtocolOptions [Strict|Unsafe] [Allow0.9|Require1.0]</syntax>
+<default>HTTPProtocolOptions Strict Allow0.9</default>
<contextlist><context>server config</context>
<context>virtual host</context></contextlist>
<compatibility>2.2.32 or 2.4.24 and later</compatibility>
@@ -1280,16 +1280,16 @@ EnableSendfile On
>§9.5 Response Smuggling</a> call out only two of the potential
risks of accepting non-conformant request messages. As of the introduction
of this directive, all grammer rules of the specification are enforced in
- the <code>Strict</code> operating mode.</p>
+ the default <code>Strict</code> operating mode.</p>
<p>Users are strongly cautioned against toggling the <code>Unsafe</code>
mode of operation for these reasons, most especially on outward-facing,
publicly accessible server deployments. Reviewing the messages within the
- <directive>ErrorLog</directive> in the <code>info</code>
- <directive>LogLevel</directive> or below can help identify such faulty
- requests, along with their origin. Users should pay particular attention
- to any 400 responses in the access log for indiciations that these requests
- are being correctly rejected.</p>
+ <directive>ErrorLog</directive>, configured with
+ <directive>LogLevel</directive> <code>info</code> level or below,
+ can help identify such faulty requests along with their origin.
+ Users should pay particular attention to any 400 responses in the access
+ log for indiciations that valid requests are unexpectedly rejected.</p>
<p><a href="https://tools.ietf.org/html/rfc2616#section-19.6"
>RFC 2616 §19.6</a> "Compatibility With Previous Versions" had
@@ -1298,7 +1298,7 @@ EnableSendfile On
been removed" and offers additional comments in
<a href="https://tools.ietf.org/html/rfc7230#appendix-A"
>RFC 2616 Appendix A</a>. The <code>Require1.0</code> option allows
- the user to remove support of the <code>Allow0.9</code> default option's
+ the user to remove support of the default <code>Allow0.9</code> option's
behavior.</p>
</usage>
</directivesynopsis>
Modified: httpd/httpd/trunk/server/core.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?rev=1756649&r1=1756648&r2=1756649&view=diff
==============================================================================
--- httpd/httpd/trunk/server/core.c (original)
+++ httpd/httpd/trunk/server/core.c Wed Aug 17 16:24:23 2016
@@ -4011,7 +4011,7 @@ static const char *set_protocols_honor_o
return NULL;
}
-static const char *set_enforce_http_protocol(cmd_parms *cmd, void *dummy,
+static const char *set_http_protocol_options(cmd_parms *cmd, void *dummy,
const char *arg)
{
core_server_config *conf =
@@ -4030,19 +4030,19 @@ static const char *set_enforce_http_prot
conf->http_conformance |= AP_HTTP_CONFORMANCE_UNSAFE;
}
else {
- return "EnforceHttpProtocol accepts 'Allow0.9' (default), 'Require1.0',"
+ return "HttpProtocolOptions accepts 'Allow0.9' (default), 'Require1.0',"
" 'Unsafe', or 'Strict' (default)";
}
if ((conf->http09_enable & AP_HTTP09_ENABLE) &&
(conf->http09_enable & AP_HTTP09_DISABLE)) {
- return "EnforceHttpProtocol 'Allow0.9' and 'Require1.0'"
+ return "HttpProtocolOptions 'Allow0.9' and 'Require1.0'"
" are mutually exclusive";
}
if ((conf->http_conformance & AP_HTTP_CONFORMANCE_STRICT) &&
(conf->http_conformance & AP_HTTP_CONFORMANCE_UNSAFE)) {
- return "EnforceHttpProtocol 'Strict' and 'Unsafe'"
+ return "HttpProtocolOptions 'Strict' and 'Unsafe'"
" are mutually exclusive";
}
@@ -4684,7 +4684,7 @@ AP_INIT_TAKE1("TraceEnable", set_trace_e
"'on' (default), 'off' or 'extended' to trace request body content"),
AP_INIT_FLAG("MergeTrailers", set_merge_trailers, NULL, RSRC_CONF,
"merge request trailers into request headers or not"),
-AP_INIT_ITERATE("EnforceHttpProtocol", set_enforce_http_protocol, NULL, RSRC_CONF,
+AP_INIT_ITERATE("HttpProtocolOptions", set_http_protocol_options, NULL, RSRC_CONF,
"'Allow0.9' or 'Require1.0' (default) to allow or deny HTTP/0.9; "
"'Unsafe' or 'Strict' (default) to process incorrect requests"),
AP_INIT_ITERATE("RegisterHttpMethod", set_http_method, NULL, RSRC_CONF,
Re: svn commit: r1756649 - in /httpd/httpd/trunk: docs/manual/mod/core.xml
server/core.c
Posted by William A Rowe Jr <wr...@rowe-clan.net>.
+1
On Aug 18, 2016 2:25 PM, "Christophe JAILLET" <ch...@wanadoo.fr>
wrote:
> HttpProtocolOptions (in code) or HTTPProtocolOptions (in doc)
>
> This should be consistent, and I'm +1 for HttpProtocolOptions.
>
> CJ
>
> Le 17/08/2016 à 18:24, wrowe@apache.org a écrit :
>
>> Author: wrowe
>> Date: Wed Aug 17 16:24:23 2016
>> New Revision: 1756649
>>
>> URL: http://svn.apache.org/viewvc?rev=1756649&view=rev
>> Log:
>> Renaming this directive to HttpProtocolOptions after discussion on dev@
>>
>> Modified:
>> httpd/httpd/trunk/docs/manual/mod/core.xml
>> httpd/httpd/trunk/server/core.c
>>
>> Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
>> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/m
>> od/core.xml?rev=1756649&r1=1756648&r2=1756649&view=diff
>> ============================================================
>> ==================
>> --- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
>> +++ httpd/httpd/trunk/docs/manual/mod/core.xml Wed Aug 17 16:24:23 2016
>> @@ -1250,10 +1250,10 @@ EnableSendfile On
>> </directivesynopsis>
>> <directivesynopsis>
>> -<name>EnforceHTTPProtocol</name>
>> +<name>HTTPProtocolOptions</name>
>>
> [...]
>
>> +AP_INIT_ITERATE("HttpProtocolOptions", set_http_protocol_options, NULL,
>> RSRC_CONF,
>>
>>
> ---
> L'absence de virus dans ce courrier électronique a été vérifiée par le
> logiciel antivirus Avast.
> https://www.avast.com/antivirus
>
>
Re: svn commit: r1756649 - in /httpd/httpd/trunk:
docs/manual/mod/core.xml server/core.c
Posted by Christophe JAILLET <ch...@wanadoo.fr>.
HttpProtocolOptions (in code) or HTTPProtocolOptions (in doc)
This should be consistent, and I'm +1 for HttpProtocolOptions.
CJ
Le 17/08/2016 � 18:24, wrowe@apache.org a �crit :
> Author: wrowe
> Date: Wed Aug 17 16:24:23 2016
> New Revision: 1756649
>
> URL: http://svn.apache.org/viewvc?rev=1756649&view=rev
> Log:
> Renaming this directive to HttpProtocolOptions after discussion on dev@
>
> Modified:
> httpd/httpd/trunk/docs/manual/mod/core.xml
> httpd/httpd/trunk/server/core.c
>
> Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=1756649&r1=1756648&r2=1756649&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
> +++ httpd/httpd/trunk/docs/manual/mod/core.xml Wed Aug 17 16:24:23 2016
> @@ -1250,10 +1250,10 @@ EnableSendfile On
> </directivesynopsis>
>
> <directivesynopsis>
> -<name>EnforceHTTPProtocol</name>
> +<name>HTTPProtocolOptions</name>
[...]
> +AP_INIT_ITERATE("HttpProtocolOptions", set_http_protocol_options, NULL, RSRC_CONF,
>
---
L'absence de virus dans ce courrier �lectronique a �t� v�rifi�e par le logiciel antivirus Avast.
https://www.avast.com/antivirus