You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by sf...@apache.org on 2012/04/20 13:22:20 UTC
svn commit: r1328326 - in /httpd/httpd/trunk: CHANGES
modules/ssl/ssl_engine_kernel.c
Author: sf
Date: Fri Apr 20 11:22:20 2012
New Revision: 1328326
URL: http://svn.apache.org/viewvc?rev=1328326&view=rev
Log:
Remove the link in the speaking-http-on-https error message.
With SNI, the link will usually be wrong. So better send no link at all.
PR: 50823
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1328326&r1=1328325&r2=1328326&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Apr 20 11:22:20 2012
@@ -2,7 +2,8 @@
Changes with Apache 2.5.0
*) mod_ssl: Send the error message for speaking http to an https port using
- HTTP/1.0 instead of HTTP/0.9. PR 50823. [Stefan Fritsch]
+ HTTP/1.0 instead of HTTP/0.9, and omit the link that may be wrong when
+ using SNI. PR 50823. [Stefan Fritsch]
*) mod_authz_core: Fix parsing of Require arguments in <AuthzProviderAlias>.
PR 53048. [Stefan Fritsch]
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1328326&r1=1328325&r2=1328326&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Fri Apr 20 11:22:20 2012
@@ -141,30 +141,10 @@ int ssl_hook_ReadReq(request_rec *r)
}
if (sslconn->non_ssl_request == NON_SSL_SET_ERROR_MSG) {
- const char *errmsg;
- char *thisurl;
- char *thisport = "";
- int port = ap_get_server_port(r);
-
- if (!ap_is_default_port(port, r)) {
- thisport = apr_psprintf(r->pool, ":%u", port);
- }
-
- thisurl = ap_escape_html(r->pool,
- apr_psprintf(r->pool, "https://%s%s/",
- ap_get_server_name_for_url(r),
- thisport));
-
- errmsg = apr_psprintf(r->pool,
- "Reason: You're speaking plain HTTP "
- "to an SSL-enabled server port.<br />\n"
- "Instead use the HTTPS scheme to access "
- "this URL, please.<br />\n"
- "<blockquote>Hint: "
- "<a href=\"%s\"><b>%s</b></a></blockquote>",
- thisurl, thisurl);
-
- apr_table_setn(r->notes, "error-notes", errmsg);
+ apr_table_setn(r->notes, "error-notes",
+ "Reason: You're speaking plain HTTP to an SSL-enabled "
+ "server port.<br />\n Instead use the HTTPS scheme to "
+ "access this URL, please.<br />\n");
/* Now that we have caught this error, forget it. we are done
* with using SSL on this request.