You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2017/08/16 21:54:02 UTC
[Bug 61430] New: mod_proxy_fcgi is not RFC 3875 compliant (section
6.2.2 Local Redirect Response)
https://bz.apache.org/bugzilla/show_bug.cgi?id=61430
Bug ID: 61430
Summary: mod_proxy_fcgi is not RFC 3875 compliant (section
6.2.2 Local Redirect Response)
Product: Apache httpd-2
Version: 2.4.27
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy_fcgi
Assignee: bugs@httpd.apache.org
Reporter: apache@stefanseidel.info
Target Milestone: ---
Section 6.2.2 of the CGI Spec says (in a nutshell):
If the application sends a Location: header and a Status Code 200 header, then
the webserver should serve the file specified by the Location header as if the
client had requested the file.
Interestingly, it seems like mod_proxy_scgi has this implemented, at least I
found some references to the Location header in the source code.
mod_fastcgi had this implemented.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61430] mod_proxy_fcgi is not RFC 3875 compliant (section 6.2.2
Local Redirect Response)
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61430
--- Comment #1 from Stefan Seidel <ap...@stefanseidel.info> ---
Sorry, my previous comment wasn't completely correct. I try again:
if the script sends a "Location:" header with a local path (i.e. starting with
/, not with a protocol), *then* the web server should interpret and fulfil this
request as if the client had requested the file specified by the "Location:"
header.
The code in mod_proxy_scgi which I suspect to do the same is:
https://fossies.org/dox/httpd-2.4.27/mod__proxy__scgi_8c_source.html#l00422
And here is the respective bug report which was fixed (after some years) by
lighttpd:
https://redmine.lighttpd.net/issues/2108
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61430] mod_proxy_fcgi is not RFC 3875 compliant (section 6.2.2
Local Redirect Response)
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61430
--- Comment #2 from John Wellesz <jo...@gmail.com> ---
Just to add that with PHP-FPM + mod_FastCGI one could use this local internal
redirection feature doing something like this:
<?php
header("Location: /triop.gif", true, 200);
?>
Then the reply would be direct, without 30x client redirection, just as if
triop.gif had been directly requested... This is very useful to hide the URI of
a downloaded files, for example.
Here is a link to the CGI RFC section 6.2.2:
https://tools.ietf.org/html/rfc3875#section-6.2.2
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61430] mod_proxy_fcgi is not RFC 3875 compliant (section 6.2.2
Local Redirect Response)
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61430
Stefan Seidel <ap...@stefanseidel.info> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |apache@stefanseidel.info
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org