You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2017/05/26 21:50:33 UTC
svn commit: r1796352 - in /httpd/httpd/trunk/modules:
generators/mod_status.c proxy/mod_proxy.c
Author: covener
Date: Fri May 26 21:50:33 2017
New Revision: 1796352
URL: http://svn.apache.org/viewvc?rev=1796352&view=rev
Log:
remove r1792169 taint checks from proxy and status modules
Both of these checks are problematic without further
work.
status: even a .htaccess with no SetHandler blocks the handler.
proxy: RewriteRule ... ... [P] in htaccess is blocked.
Modified:
httpd/httpd/trunk/modules/generators/mod_status.c
httpd/httpd/trunk/modules/proxy/mod_proxy.c
Modified: httpd/httpd/trunk/modules/generators/mod_status.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?rev=1796352&r1=1796351&r2=1796352&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/generators/mod_status.c (original)
+++ httpd/httpd/trunk/modules/generators/mod_status.c Fri May 26 21:50:33 2017
@@ -213,13 +213,6 @@ static int status_handler(request_rec *r
return DECLINED;
}
- /* A request that has passed through .htaccess has no business
- * landing up here.
- */
- if (ap_request_tainted(r, AP_TAINT_HTACCESS)) {
- return DECLINED;
- }
-
#ifdef HAVE_TIMES
times_per_thread = getpid() != child_pid;
#endif
Modified: httpd/httpd/trunk/modules/proxy/mod_proxy.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy.c?rev=1796352&r1=1796351&r2=1796352&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy.c (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy.c Fri May 26 21:50:33 2017
@@ -932,14 +932,6 @@ static int proxy_fixup(request_rec *r)
if (!r->proxyreq || !r->filename || strncmp(r->filename, "proxy:", 6) != 0)
return DECLINED;
- /* A request that has passed through .htaccess has no business
- * serving contents from so far outside its directory.
- * Since we're going to decline it, don't waste time here.
- */
- if (ap_request_tainted(r, AP_TAINT_HTACCESS)) {
- return DECLINED;
- }
-
/* XXX: Shouldn't we try this before we run the proxy_walk? */
url = &r->filename[6];