You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Rob Hartill <ro...@imdb.com> on 1997/01/06 19:12:41 UTC
WWW Form Bug Report: "bugs in mod_negotiation (serious)" on FreeBSD (fwd)
acked
---------- Forwarded message ----------
Date: Mon Jan 6 9:12:05 1997
From: lampa@fee.vutbr.cz
To: apache-bugs%apache.org@organic.com
Subject: WWW Form Bug Report: "bugs in mod_negotiation (serious)" on FreeBSD
Submitter: lampa@fee.vutbr.cz
Operating system: FreeBSD, version:
Version of Apache Used: 1.2b4
Extra Modules used:
URL exhibiting problem:
Symptoms:
--
1. Bad handling of lang_index == -1 in is_variant_better().
Here is suggested fix:
*** mod_negotiation.c.old Mon Jan 6 17:21:50 1997
--- mod_negotiation.c Mon Jan 6 17:24:57 1997
***************
*** 1482,1490 ****
/* if language qualities were equal, try the LanguagePriority
* stuff */
! if (variant->lang_index > best->lang_index)
return 0;
! if (variant->lang_index < best->lang_index) {
*p_bestq = q;
return 1;
}
--- 1482,1491 ----
/* if language qualities were equal, try the LanguagePriority
* stuff */
! if (best->lang_index != -1 && variant->lang_index > best->lang_index)
return 0;
! if (varieant->lang_index != -1 &&
! (variant->lang_index < best->lang_index | best->lang_index == -1)) {
*p_bestq = q;
return 1;
}
2. handle_multi() doesn't return content_language (breaks old code).
Fix:
***************
*** 1939,1944 ****
--- 1940,1946 ----
r->content_type = sub_req->content_type;
r->content_encoding = sub_req->content_encoding;
r->content_languages = sub_req->content_languages;
+ r->content_language = sub_req->content_language;
r->finfo = sub_req->finfo;
return OK;
4. The same code doesn't copy headers (headers_out, notes,
etc.), so if some handler (type checker) sets any header for some variant,
request is not processed correctly. I am not sure
about other fields in request.
5. Saving of MULTIPLE_CHOICES in r->notes is incorrect.
r->notes is not propagated back from subrequests
(example: http://xxx.xx/ -> mod_dir -> subrequest ->
handle_multi() -> mod_dir -> notes from subrequest
deleted.
6. All generated variants should be explicitly deleted
in handle_multi() - the same problem as with
mod_dir() and huge directories.
7. Mod_negotiation() expects charset code in
r->content_type, but invoke_handler() in http_config.c
doesn't parse content_type arguments. This should
be consistent, if content_type may containg
arguments (;charset=ISO-8859-2), then invoke_handler()
and others should accept it.
8. handle_multi() style redirect (fixed) would be
nice for other modules. For instance mod_dir()
would be much faster, if you trace calls for
http://www.xxx/, you'll see, that mod_negotiation()
is called twice due to standard redirect
(/ -> mod_dir -> handle_multi -> redirect -> handle_multi())
This could be serious performance hit. I am
suggesting something like this (fast redirect):
*** mod_dir.c.old Sun Dec 1 21:28:59 1996
--- mod_dir.c Mon Dec 30 19:20:49 1996
***************
*** 803,811 ****
new_uri = pstrcat(r->pool, new_uri, "?", rr->args, NULL);
else if (r->args != NULL)
new_uri = pstrcat(r->pool, new_uri, "?", r->args, NULL);
!
!destroy_sub_req (rr);
!internal_redirect (new_uri, r);
return OK;
}
--- 790,815 ----
new_uri = pstrcat(r->pool, new_uri, "?", rr->args, NULL);
else if (r->args != NULL)
new_uri = pstrcat(r->pool, new_uri, "?", r->args, NULL);
!
! if (r->path_info && *r->path_info == '/') ++r->path_info; /* eat o
ne slash for directory "/d'/'/ -> /d/index.html/" */
! r->filename = rr->filename;
! r->handler = rr->handler;
! r->content_type = rr->content_type;
! r->content_encoding = rr->content_encoding;
!r->content_languages = rr->content_languages;
! r->content_language = rr->content_language;
! r->finfo = rr->finfo;
! /* We don't want TRACE to run through the normal handler set,
! * we handle it specially.
! */
! if (r->method_number == M_TRACE) send_http_trace (r);
!else if ((error_notfound = invoke_handler (r)) != 0) {
! die (error_notfound, r);
!return;
!}
!
! /* Take care of little things that need to happen when we're done */
! finalize_request_protocol (r);
return OK;
}
--
Backtrace:
--
--
Submitter: lampa@fee.vutbr.cz
Operating system: FreeBSD, version:
Version of Apache Used: 1.2b4
Extra Modules used:
URL exhibiting problem:
Symptoms:
--
Apache 1.2b4 violates RFC2068 in this:
Messages MUST NOT include both a Content-Length header field and the
"chunked" transfer coding. If both are received, the Content-Length
MUST be ignored.
Content-Length may be set in r->headers_out, and
send_http_header() would send it out even if
flag chunked is set.
--
Backtrace:
--
--
Submitter: lampa@fee.vutbr.cz
Operating system: FreeBSD, version:
Version of Apache Used: 1.2b4
Extra Modules used:
URL exhibiting problem:
Symptoms:
--
The test at line 145 in proxy/proxy_cache.c is probably wrong:
if (curblocks < cachesize || curblocks + curbytes <= cachesize)
return;
Value of curbytes is in bytes and it is compared to
blocks! The same one is at line 174.
--
Backtrace:
--
--
Re: WWW Form Bug Report: "bugs in mod_negotiation (serious)" on FreeBSD (fwd)
Posted by Rob Hartill <ro...@imdb.com>.
On Tue, 7 Jan 1997 Dirk.vanGulik@jrc.it wrote:
>
> On Mon, 6 Jan 1997, Rob Hartill wrote:
>
> > 4. The same code doesn't copy headers (headers_out, notes,
> > etc.), so if some handler (type checker) sets any header for some variant,
> > request is not processed correctly. I am not sure
> > about other fields in request.
I don't remember writing any of this.
Re: WWW Form Bug Report: "bugs in mod_negotiation (serious)" on FreeBSD (fwd)
Posted by Di...@jrc.it.
On Mon, 6 Jan 1997, Rob Hartill wrote:
> 4. The same code doesn't copy headers (headers_out, notes,
> etc.), so if some handler (type checker) sets any header for some variant,
> request is not processed correctly. I am not sure
> about other fields in request.
In general; all headers suffer. I'll try to get our patch cleaned up
because there is a similar problem with that you have to choose wether
to do single or two step shopping; as the draft suggests. I am trying
to get both right; sofar it works with Tango, NS and MSIE but not with
Accent.
> 5. Saving of MULTIPLE_CHOICES in r->notes is incorrect.
> r->notes is not propagated back from subrequests
> (example: http://xxx.xx/ -> mod_dir -> subrequest ->
> handle_multi() -> mod_dir -> notes from subrequest
> deleted.
Quitr giht.
> 6. All generated variants should be explicitly deleted
> in handle_multi() - the same problem as with
> mod_dir() and huge directories.
Any general solution for this ?
> 7. Mod_negotiation() expects charset code in
> r->content_type, but invoke_handler() in http_config.c
> doesn't parse content_type arguments. This should
> be consistent, if content_type may containg
> arguments (;charset=ISO-8859-2), then invoke_handler()
> and others should accept it.
Acutally part of .4
> 8. handle_multi() style redirect (fixed) would be
> nice for other modules. For instance mod_dir()
> would be much faster, if you trace calls for
> http://www.xxx/, you'll see, that mod_negotiation()
> is called twice due to standard redirect
> (/ -> mod_dir -> handle_multi -> redirect -> handle_multi())
> This could be serious performance hit. I am
> suggesting something like this (fast redirect):
Acutally the problem is a bit more trouble some; partly
because four headers (lang, content, etc) are treated
'hardcoded' whereas the others are nicely in a flexible
set_table(). So the long term goal might be to zap this
information; replace it by set_table() and only check
right down at the very end wether this information is
still there and/or add it hardcoded.
Dw.