You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2005/08/08 03:31:07 UTC
svn commit: r230727 -
/httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c
Author: wrowe
Date: Sun Aug 7 18:31:02 2005
New Revision: 230727
URL: http://svn.apache.org/viewcvs?rev=230727&view=rev
Log:
Backport the rejection of non-'chunked' values in the transfer
encoding; we simply don't know what, exactly to do with them.
Backport the reporting of 'both C-L and T-E' when we encounter
this edge case, setting the connection up to close down once
we finish (perhaps we were victims of a request splitting attack).
Modified:
httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c
Modified: httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c?rev=230727&r1=230726&r2=230727&view=diff
==============================================================================
--- httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c (original)
+++ httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c Sun Aug 7 18:31:02 2005
@@ -1037,6 +1037,30 @@
goto skip_body;
}
+ /* WE only understand chunked. Other modules might inject
+ * (and therefore, decode) other flavors but we don't know
+ * that the can and have done so unless they they remove
+ * their decoding from the headers_in T-E list.
+ * XXX: Make this extensible, but in doing so, presume the
+ * encoding has been done by the extensions' handler, and
+ * do not modify add_te_chunked's logic
+ */
+ if (old_te_val && strcmp(old_te_val, "chunked") != 0) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
+ "proxy: %s Transfer-Encoding is not supported",
+ old_te_val);
+ return APR_EINVAL;
+ }
+
+ if (old_cl_val && old_te_val) {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, APR_ENOTIMPL, r->server,
+ "proxy: client %s (%s) requested Transfer-Encoding body"
+ " with Content-Length (C-L ignored)",
+ c->remote_ip, c->remote_host ? c->remote_host: "");
+ origin->keepalive = AP_CONN_CLOSE;
+ p_conn->close++;
+ }
+
/* Prefetch MAX_MEM_SPOOL bytes
*
* This helps us avoid any election of C-L v.s. T-E