You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by tr...@apache.org on 2003/06/06 04:48:56 UTC
cvs commit: httpd-2.0/modules/http http_protocol.c
trawick 2003/06/05 19:48:56
Modified: . CHANGES
modules/http http_protocol.c
Log:
Don't respect the Server header field as set by modules and CGIs.
As with 1.3, for proxy requests any such field is from the origin
server; otherwise it will have our server info as controlled by
the ServerTokens directive.
Revision Changes Path
1.1197 +5 -0 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.1196
retrieving revision 1.1197
diff -u -r1.1196 -r1.1197
--- CHANGES 5 Jun 2003 16:54:47 -0000 1.1196
+++ CHANGES 6 Jun 2003 02:48:55 -0000 1.1197
@@ -2,6 +2,11 @@
[Remove entries to the current 2.0 section below, when backported]
+ *) Don't respect the Server header field as set by modules and CGIs.
+ As with 1.3, for proxy requests any such field is from the origin
+ server; otherwise it will have our server info as controlled by
+ the ServerTokens directive. [Jeff Trawick]
+
*) Fix some broken log messages in WinNT MPM.
[Juan Rivera <Ju...@citrix.com>]
1.470 +6 -3 httpd-2.0/modules/http/http_protocol.c
Index: http_protocol.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/http/http_protocol.c,v
retrieving revision 1.469
retrieving revision 1.470
diff -u -r1.469 -r1.470
--- http_protocol.c 9 May 2003 21:37:55 -0000 1.469
+++ http_protocol.c 6 Jun 2003 02:48:55 -0000 1.470
@@ -1299,10 +1299,13 @@
h.bb = bb;
form_header_field(&h, "Date", date);
- /* keep a previously set server header (possibly from proxy), otherwise
+ /* keep the set-by-proxy server header, otherwise
* generate a new server header */
- if ((server = apr_table_get(r->headers_out, "Server")) != NULL) {
- form_header_field(&h, "Server", server);
+ if (r->proxyreq != PROXYREQ_NONE) {
+ server = apr_table_get(r->headers_out, "Server");
+ if (server) {
+ form_header_field(&h, "Server", server);
+ }
}
else {
form_header_field(&h, "Server", ap_get_server_version());