You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by wr...@apache.org on 2005/08/08 03:31:07 UTC

svn commit: r230727 - /httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c

Author: wrowe
Date: Sun Aug  7 18:31:02 2005
New Revision: 230727

URL: http://svn.apache.org/viewcvs?rev=230727&view=rev
Log:

  Backport the rejection of non-'chunked' values in the transfer
  encoding; we simply don't know what, exactly to do with them.

  Backport the reporting of 'both C-L and T-E' when we encounter
  this edge case, setting the connection up to close down once
  we finish (perhaps we were victims of a request splitting attack).

Modified:
    httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c

Modified: httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c?rev=230727&r1=230726&r2=230727&view=diff
==============================================================================
--- httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c (original)
+++ httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c Sun Aug  7 18:31:02 2005
@@ -1037,6 +1037,30 @@
         goto skip_body;
     }
 
+    /* WE only understand chunked.  Other modules might inject
+     * (and therefore, decode) other flavors but we don't know
+     * that the can and have done so unless they they remove
+     * their decoding from the headers_in T-E list.
+     * XXX: Make this extensible, but in doing so, presume the
+     * encoding has been done by the extensions' handler, and 
+     * do not modify add_te_chunked's logic
+     */
+    if (old_te_val && strcmp(old_te_val, "chunked") != 0) {
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
+                     "proxy: %s Transfer-Encoding is not supported",
+                     old_te_val);
+        return APR_EINVAL;
+    }
+
+    if (old_cl_val && old_te_val) {
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, APR_ENOTIMPL, r->server,
+                     "proxy: client %s (%s) requested Transfer-Encoding body"
+                     " with Content-Length (C-L ignored)",
+                     c->remote_ip, c->remote_host ? c->remote_host: "");
+        origin->keepalive = AP_CONN_CLOSE;
+        p_conn->close++;
+    }
+
     /* Prefetch MAX_MEM_SPOOL bytes
      *
      * This helps us avoid any election of C-L v.s. T-E