You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Ruediger Pluem <rp...@apache.org> on 2020/02/25 08:33:03 UTC
Re: svn commit: r1874389 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/mod_usertrack.xml modules/metadata/mod_usertrack.c
On 02/22/2020 06:10 PM, covener@apache.org wrote:
> Author: covener
> Date: Sat Feb 22 17:10:10 2020
> New Revision: 1874389
>
> URL: http://svn.apache.org/viewvc?rev=1874389&view=rev
> Log:
> PR64077: samesite/httponly/secure flags for usertrack
>
> Submitted By: Prashant Keshvani <prashant2400 gmail.com>, Eric Covener
> Committed By: covener
>
>
> Modified:
> httpd/httpd/trunk/CHANGES
> httpd/httpd/trunk/docs/manual/mod/mod_usertrack.xml
> httpd/httpd/trunk/modules/metadata/mod_usertrack.c
>
>
> Modified: httpd/httpd/trunk/modules/metadata/mod_usertrack.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/metadata/mod_usertrack.c?rev=1874389&r1=1874388&r2=1874389&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/metadata/mod_usertrack.c (original)
> +++ httpd/httpd/trunk/modules/metadata/mod_usertrack.c Sat Feb 22 17:10:10 2020
> @@ -86,6 +86,9 @@ typedef struct {
> const char *cookie_domain;
> char *regexp_string; /* used to compile regexp; save for debugging */
> ap_regex_t *regexp; /* used to find usertrack cookie in cookie header */
> + int is_secure;
> + int is_httponly;
> + const char *samesite;
> } cookie_dir_rec;
>
> /* Make Cookie: Now we have to generate something that is going to be
> @@ -143,6 +146,21 @@ static void make_cookie(request_rec *r)
> : ""),
> NULL);
> }
> + if (dcfg->samesite != NULL) {
> + new_cookie = apr_pstrcat(r->pool, new_cookie, "; ",
> + dcfg->samesite,
> + NULL);
> + }
> + if (dcfg->is_secure) {
> + new_cookie = apr_pstrcat(r->pool, new_cookie, "; Secure",
> + NULL);
> + }
> + if (dcfg->is_httponly) {
> + new_cookie = apr_pstrcat(r->pool, new_cookie, "; HttpOnly",
> + NULL);
> + }
> +
> +
Just as a breadcrumb as I don't have time to fix it myself right now:
I guess this could be more effective memory and possibly CPU wise if we would collect all the possible
strings including the one for domain in the already existing code above in an apr_array and do an
apr_array_pstrcat to build the final cookie value once all components are sorted out.
Regards
RĂ¼diger
Re: svn commit: r1874389 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/mod_usertrack.xml modules/metadata/mod_usertrack.c
Posted by Eric Covener <co...@gmail.com>.
I tagged it "beginner" at https://bz.apache.org/bugzilla/show_bug.cgi?id=64175
On Tue, Feb 25, 2020 at 5:24 AM Yann Ylavic <yl...@gmail.com> wrote:
>
> On Tue, Feb 25, 2020 at 9:33 AM Ruediger Pluem <rp...@apache.org> wrote:
> >
> > I guess this could be more effective memory and possibly CPU wise if we would collect all the possible
> > strings including the one for domain in the already existing code above in an apr_array and do an
> > apr_array_pstrcat to build the final cookie value once all components are sorted out.
>
> FWIW, I find the ap_varbuf interface quite handy and efficient.
>
> Regards,
> Yann.
--
Eric Covener
covener@gmail.com
Re: svn commit: r1874389 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/mod_usertrack.xml modules/metadata/mod_usertrack.c
Posted by Yann Ylavic <yl...@gmail.com>.
On Tue, Feb 25, 2020 at 9:33 AM Ruediger Pluem <rp...@apache.org> wrote:
>
> I guess this could be more effective memory and possibly CPU wise if we would collect all the possible
> strings including the one for domain in the already existing code above in an apr_array and do an
> apr_array_pstrcat to build the final cookie value once all components are sorted out.
FWIW, I find the ap_varbuf interface quite handy and efficient.
Regards,
Yann.