You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ig...@apache.org on 2011/01/19 13:48:17 UTC
svn commit: r1060795 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/mod_proxy.xml modules/proxy/mod_proxy.c
modules/proxy/mod_proxy.h modules/proxy/mod_proxy_http.c
Author: igalic
Date: Wed Jan 19 12:48:17 2011
New Revision: 1060795
URL: http://svn.apache.org/viewvc?rev=1060795&view=rev
Log:
Add a patch from Vincent Deffontaines to make the adding of X-forwarded-*
headers configurable: ProxyAddHeaders, defaulting to 'On'.
http://www.mail-archive.com/dev@httpd.apache.org/msg49971.html
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml
httpd/httpd/trunk/modules/proxy/mod_proxy.c
httpd/httpd/trunk/modules/proxy/mod_proxy.h
httpd/httpd/trunk/modules/proxy/mod_proxy_http.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1060795&r1=1060794&r2=1060795&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Jan 19 12:48:17 2011
@@ -2,6 +2,9 @@
Changes with Apache 2.3.11
+ *) mod_proxy_http: make adding of X-Forwarded-* headers configurable.
+ ProxyAddHeaders defaults to On. [Vincent Deffontaines]
+
*) mod_slotmem_shm: Increase memory alignment for slotmem data.
[Rainer Jung]
Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml?rev=1060795&r1=1060794&r2=1060795&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml Wed Jan 19 12:48:17 2011
@@ -1702,4 +1702,25 @@ header for proxied requests</description
</usage>
</directivesynopsis>
+<directivesynopsis>
+<name>ProxyAddHeaders</name>
+<description>Add proxy information in X-Forwarded-* headers</description>
+<syntax>ProxyAddHeaders Off|On</syntax>
+<default>ProxyAddHeaders On</default>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+</contextlist>
+<compatibility>Available in version 2.3.10 and later</compatibility>
+
+<usage>
+ <p>This directive determines whether or not proxy related information should be passed to the
+ backend server through X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server HTTP headers.</p>
+ <note><title>Effectiveness</title>
+ <p>This option is of use only for HTTP proxying, as handled by <module>mod_proxy_http</module>.</p>
+ </note>
+
+
+</usage>
+</directivesynopsis>
</modulesynopsis>
Modified: httpd/httpd/trunk/modules/proxy/mod_proxy.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy.c?rev=1060795&r1=1060794&r2=1060795&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy.c (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy.c Wed Jan 19 12:48:17 2011
@@ -1246,6 +1246,7 @@ static void *create_proxy_dir_config(apr
new->interpolate_env = -1; /* unset */
new->error_override = 0;
new->error_override_set = 0;
+ new->add_forwarded_headers = 1;
return (void *) new;
}
@@ -1278,6 +1279,7 @@ static void *merge_proxy_dir_config(apr_
new->error_override_set = add->error_override_set || base->error_override_set;
new->alias = (add->alias_set == 0) ? base->alias : add->alias;
new->alias_set = add->alias_set || base->alias_set;
+ new->add_forwarded_headers = add->add_forwarded_headers;
return new;
}
@@ -1709,6 +1711,13 @@ static const char *
return NULL;
}
static const char *
+ add_proxy_http_headers(cmd_parms *parms, void *dconf, int flag)
+{
+ proxy_dir_conf *conf = dconf;
+ conf->add_forwarded_headers = flag;
+ return NULL;
+}
+static const char *
set_preserve_host(cmd_parms *parms, void *dconf, int flag)
{
proxy_dir_conf *conf = dconf;
@@ -2225,6 +2234,8 @@ static const command_rec proxy_cmds[] =
"A balancer or worker name with list of params"),
AP_INIT_TAKE1("ProxySourceAddress", set_source_address, NULL, RSRC_CONF,
"Configure local source IP used for request forward"),
+ AP_INIT_FLAG("ProxyAddHeaders", add_proxy_http_headers, NULL, RSRC_CONF|ACCESS_CONF,
+ "on if X-Forwarded-* headers should be added or completed"),
{NULL}
};
Modified: httpd/httpd/trunk/modules/proxy/mod_proxy.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy.h?rev=1060795&r1=1060794&r2=1060795&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy.h (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy.h Wed Jan 19 12:48:17 2011
@@ -206,6 +206,7 @@ typedef struct {
int preserve_host_set:1;
int error_override_set:1;
int alias_set:1;
+ int add_forwarded_headers:1;
} proxy_dir_conf;
/* if we interpolate env vars per-request, we'll need a per-request
Modified: httpd/httpd/trunk/modules/proxy/mod_proxy_http.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?rev=1060795&r1=1060794&r2=1060795&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy_http.c (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy_http.c Wed Jan 19 12:48:17 2011
@@ -851,29 +851,30 @@ int ap_proxy_http_request(apr_pool_t *p,
* a forward proxy configuation instead of X-Forwarded-*. See the
* ProxyVia option for details.
*/
-
- if (PROXYREQ_REVERSE == r->proxyreq) {
- const char *buf;
-
- /* Add X-Forwarded-For: so that the upstream has a chance to
- * determine, where the original request came from.
- */
- apr_table_mergen(r->headers_in, "X-Forwarded-For",
- c->remote_ip);
-
- /* Add X-Forwarded-Host: so that upstream knows what the
- * original request hostname was.
- */
- if ((buf = apr_table_get(r->headers_in, "Host"))) {
- apr_table_mergen(r->headers_in, "X-Forwarded-Host", buf);
- }
-
- /* Add X-Forwarded-Server: so that upstream knows what the
- * name of this proxy server is (if there are more than one)
- * XXX: This duplicates Via: - do we strictly need it?
- */
- apr_table_mergen(r->headers_in, "X-Forwarded-Server",
- r->server->server_hostname);
+ if (dconf->add_forwarded_headers) {
+ if (PROXYREQ_REVERSE == r->proxyreq) {
+ const char *buf;
+
+ /* Add X-Forwarded-For: so that the upstream has a chance to
+ * determine, where the original request came from.
+ */
+ apr_table_mergen(r->headers_in, "X-Forwarded-For",
+ c->remote_ip);
+
+ /* Add X-Forwarded-Host: so that upstream knows what the
+ * original request hostname was.
+ */
+ if ((buf = apr_table_get(r->headers_in, "Host"))) {
+ apr_table_mergen(r->headers_in, "X-Forwarded-Host", buf);
+ }
+
+ /* Add X-Forwarded-Server: so that upstream knows what the
+ * name of this proxy server is (if there are more than one)
+ * XXX: This duplicates Via: - do we strictly need it?
+ */
+ apr_table_mergen(r->headers_in, "X-Forwarded-Server",
+ r->server->server_hostname);
+ }
}
proxy_run_fixups(r);