You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by br...@apache.org on 2014/05/06 07:00:22 UTC

svn commit: r1592655 - /httpd/httpd/trunk/modules/dav/main/mod_dav.c

Author: breser
Date: Tue May  6 05:00:21 2014
New Revision: 1592655

URL: http://svn.apache.org/r1592655
Log:
mod_dav: Fix invalid Location header when a resource is created by passing an
absolute URI on the request line.

Using r->unparsed_uri is wrong since it might contain a scheme, hostname and
port.  See section 5.1.2 of RFC 2616, an absolute URI is allowed.  The
unparsed_uri field is absolutely unparsed.  The current code causes the
Location header to end up having the scheme, host and port included twice.

* modules/dav/main/mod_dav.c
  (dav_created): Call ap_escape_uri() on r->uri when caller doesn't provide a
    location.

Modified:
    httpd/httpd/trunk/modules/dav/main/mod_dav.c

Modified: httpd/httpd/trunk/modules/dav/main/mod_dav.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?rev=1592655&r1=1592654&r2=1592655&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/dav/main/mod_dav.c (original)
+++ httpd/httpd/trunk/modules/dav/main/mod_dav.c Tue May  6 05:00:21 2014
@@ -611,7 +611,7 @@ static int dav_created(request_rec *r, c
     const char *body;
 
     if (locn == NULL) {
-        locn = r->unparsed_uri;
+        locn = ap_escape_uri(r->pool, r->uri);
     }
 
     /* did the target resource already exist? */