You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2021/06/15 08:50:01 UTC
[Bug 65380] New: "Location" header not covered in
ap_headers_error_filter
https://bz.apache.org/bugzilla/show_bug.cgi?id=65380
Bug ID: 65380
Summary: "Location" header not covered in
ap_headers_error_filter
Product: Apache httpd-2
Version: 2.4.48
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: mod_headers
Assignee: bugs@httpd.apache.org
Reporter: ronnie.brunner@netcetera.ch
Target Milestone: ---
Created attachment 37896
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37896&action=edit
mod_header.c patch to support Location header in ap_headers_error_filter
http_protocol.c. has special handling for "Location" header in
ap_send_error_response (i.e. take Location from r->headers_out if available and
only fall back to r->err_headers_out if it's not in r->headers_out). And it is
(best) practice to put the Location header in r-> headers_out.
In mod_headers.c ap_headers_error_filter, only the r->err_headers_out are fixed
up (line 893):
/*
* Add any header fields defined by "Header always" to r->err_headers_out.
* Server-wide first, then per-directory to allow overriding.
*/
do_headers_fixup(f->r, f->r->err_headers_out, dirconf->fixup_err, 0);
This effectively prevents manipulation of the Location header on Redirects.
If instead, the special case for the Location header would also be considered
in mod_headers, it could be properly manipulated with
Header always <action> Location
in the config.
The attached patch (untested, not even attempted to comile) could do the trick.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 65380] "Location" header not covered in ap_headers_error_filter
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=65380
--- Comment #2 from Ronnie Brunner <ro...@netcetera.ch> ---
(In reply to Ruediger Pluem from comment #1)
> Does
>
> Header <action> Location
>
> work to adjust the Location header (note I removed always)?
It sometimes does :-). No seriously, you can set the Location header in your
config file (might even make sense in some rare cases) and you can then also
midify it. It also works if your App sets the Location, but returns a
successful HTTP code back (also rather rare ;-)...) but again: it oftne doesn't
work for exactly the reason that it is handeled as a special case by
http_protocol.c, which mod_headers doesn't respect.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 65380] "Location" header not covered in ap_headers_error_filter
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=65380
Ruediger Pluem <rp...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
OS| |All
--- Comment #1 from Ruediger Pluem <rp...@apache.org> ---
Does
Header <action> Location
work to adjust the Location header (note I removed always)?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org