You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2008/06/05 14:46:43 UTC
svn commit: r663593 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS
modules/proxy/mod_proxy_ajp.c modules/proxy/mod_proxy_balancer.c
modules/proxy/mod_proxy_http.c
Author: jim
Date: Thu Jun 5 05:46:43 2008
New Revision: 663593
URL: http://svn.apache.org/viewvc?rev=663593&view=rev
Log:
Merge r649169, r649239, r649840, r649922, r650026, r661452, r661459 from trunk:
Make mod_proxy_ajp aware of the nocanon envvar
handle ? in cases where nocanon is in effect
* Do not add the query string again in the case that we are using the
unparsed uri.
PR: 44803
Set at init time, and combine comments
Typo.
* Do not add the query string again in the case that we are using the
unparsed uri.
PR: 44803
* Set at init time and combine comments.
Reviewed by: jim
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c
httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c
httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_http.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=663593&r1=663592&r2=663593&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Thu Jun 5 05:46:43 2008
@@ -5,6 +5,10 @@
mod_proxy_balancer: Prevent CSRF attacks against the balancer-manager
interface. [Joe Orton]
+ *) mod_proxy: Make all proxy modules nocanon aware and do not add the
+ query string again in this case. PR 44803.
+ [Jim Jagielski, Ruediger Pluem]
+
*) mod_unique_id: Fix timestamp value in UNIQUE_ID.
PR 37064 [Kobayashi <kobayashi firstserver.co.jp>]
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=663593&r1=663592&r2=663593&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Thu Jun 5 05:46:43 2008
@@ -84,22 +84,6 @@
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_proxy_http, mod_proxy_ajp, mod_proxy_balancer: Make modules nocanon aware
- and do not add the query string again in this case. PR 44803
- [Jim Jagielski, Ruediger Pluem]
- Trunk version of patch:
- http://svn.apache.org/viewvc?rev=649169&view=rev
- http://svn.apache.org/viewvc?rev=649239&view=rev
- http://svn.apache.org/viewvc?rev=649840&view=rev
- http://svn.apache.org/viewvc?rev=649922&view=rev
- http://svn.apache.org/viewvc?rev=650026&view=rev
- http://svn.apache.org/viewvc?rev=661452&view=rev
- http://svn.apache.org/viewvc?rev=661459&view=rev
- Backport version for 2.2.x of patch:
- Trunk version of patch works
- Rollup-patch for 2.2 available at:
- http://people.apache.org/~jim/patches/nocanon-patch-2.2.txt
- +1: rpluem, jim, jfclere
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c?rev=663593&r1=663592&r2=663593&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c Thu Jun 5 05:46:43 2008
@@ -29,7 +29,8 @@
*/
static int proxy_ajp_canon(request_rec *r, char *url)
{
- char *host, *path, *search, sport[7];
+ char *host, *path, sport[7];
+ char *search = NULL;
const char *err;
apr_port_t port = AJP13_DEF_PORT;
@@ -57,23 +58,18 @@
}
/*
- * now parse path/search args, according to rfc1738
- *
- * N.B. if this isn't a true proxy request, then the URL _path_
- * has already been decoded. True proxy requests have
- * r->uri == r->unparsed_uri, and no others have that property.
+ * now parse path/search args, according to rfc1738:
+ * process the path. With proxy-noncanon set (by
+ * mod_proxy) we use the raw, unparsed uri
*/
- if (r->uri == r->unparsed_uri) {
- search = strchr(url, '?');
- if (search != NULL)
- *(search++) = '\0';
+ if (apr_table_get(r->notes, "proxy-nocanon")) {
+ path = url; /* this is the raw path */
}
- else
+ else {
+ path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
+ r->proxyreq);
search = r->args;
-
- /* process path */
- path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
- r->proxyreq);
+ }
if (path == NULL)
return HTTP_BAD_REQUEST;
Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c?rev=663593&r1=663592&r2=663593&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c Thu Jun 5 05:46:43 2008
@@ -31,7 +31,8 @@
static int proxy_balancer_canon(request_rec *r, char *url)
{
- char *host, *path, *search;
+ char *host, *path;
+ char *search = NULL;
const char *err;
apr_port_t port = 0;
@@ -55,21 +56,19 @@
url, err);
return HTTP_BAD_REQUEST;
}
- /* now parse path/search args, according to rfc1738 */
- /* N.B. if this isn't a true proxy request, then the URL _path_
- * has already been decoded. True proxy requests have r->uri
- * == r->unparsed_uri, and no others have that property.
+ /*
+ * now parse path/search args, according to rfc1738:
+ * process the path. With proxy-noncanon set (by
+ * mod_proxy) we use the raw, unparsed uri
*/
- if (r->uri == r->unparsed_uri) {
- search = strchr(url, '?');
- if (search != NULL)
- *(search++) = '\0';
+ if (apr_table_get(r->notes, "proxy-nocanon")) {
+ path = url; /* this is the raw path */
}
- else
+ else {
+ path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
+ r->proxyreq);
search = r->args;
-
- /* process path */
- path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0, r->proxyreq);
+ }
if (path == NULL)
return HTTP_BAD_REQUEST;
Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_http.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_http.c?rev=663593&r1=663592&r2=663593&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_http.c (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_http.c Thu Jun 5 05:46:43 2008
@@ -33,7 +33,8 @@
*/
static int proxy_http_canon(request_rec *r, char *url)
{
- char *host, *path, *search, sport[7];
+ char *host, *path, sport[7];
+ char *search = NULL;
const char *err;
const char *scheme;
apr_port_t port, def_port;
@@ -67,21 +68,11 @@
return HTTP_BAD_REQUEST;
}
- /* now parse path/search args, according to rfc1738 */
- /* N.B. if this isn't a true proxy request, then the URL _path_
- * has already been decoded. True proxy requests have r->uri
- * == r->unparsed_uri, and no others have that property.
- */
- if (r->uri == r->unparsed_uri) {
- search = strchr(url, '?');
- if (search != NULL)
- *(search++) = '\0';
- }
- else
- search = r->args;
-
- /* process path */
- /* In a reverse proxy, our URL has been processed, so canonicalise
+ /*
+ * now parse path/search args, according to rfc1738:
+ * process the path.
+ *
+ * In a reverse proxy, our URL has been processed, so canonicalise
* unless proxy-nocanon is set to say it's raw
* In a forward proxy, we have and MUST NOT MANGLE the original.
*/
@@ -94,6 +85,7 @@
else {
path = ap_proxy_canonenc(r->pool, url, strlen(url),
enc_path, 0, r->proxyreq);
+ search = r->args;
}
break;
case PROXYREQ_PROXY: