You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2022/05/31 15:26:12 UTC
svn commit: r1901461 - /httpd/httpd/trunk/modules/proxy/proxy_util.c
Author: ylavic
Date: Tue May 31 15:26:12 2022
New Revision: 1901461
URL: http://svn.apache.org/viewvc?rev=1901461&view=rev
Log:
mod_proxy: ap_proxy_create_hdrbrgd() to clear hop-by-hop first and fixup last.
So that ap_proxy_clear_connection() runs on the original headers only and
proxy_run_fixups() on the final ones.
Modified:
httpd/httpd/trunk/modules/proxy/proxy_util.c
Modified: httpd/httpd/trunk/modules/proxy/proxy_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?rev=1901461&r1=1901460&r2=1901461&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/proxy_util.c (original)
+++ httpd/httpd/trunk/modules/proxy/proxy_util.c Tue May 31 15:26:12 2022
@@ -3944,6 +3944,37 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbr
*/
r->headers_in = apr_table_copy(r->pool, saved_headers_in);
+ /* Return the original Transfer-Encoding and/or Content-Length values
+ * then drop the headers, they must be set by the proxy handler based
+ * on the actual body being forwarded.
+ */
+ if ((*old_te_val = (char *)apr_table_get(r->headers_in,
+ "Transfer-Encoding"))) {
+ apr_table_unset(r->headers_in, "Transfer-Encoding");
+ }
+ if ((*old_cl_val = (char *)apr_table_get(r->headers_in,
+ "Content-Length"))) {
+ apr_table_unset(r->headers_in, "Content-Length");
+ }
+
+ /* Clear out hop-by-hop request headers not to forward */
+ if (ap_proxy_clear_connection(r, r->headers_in) < 0) {
+ rc = HTTP_BAD_REQUEST;
+ goto cleanup;
+ }
+
+ /* RFC2616 13.5.1 says we should strip these */
+ apr_table_unset(r->headers_in, "Keep-Alive");
+ apr_table_unset(r->headers_in, "Upgrade");
+ apr_table_unset(r->headers_in, "TE");
+
+ /* FIXME: since we now handle r->trailers_in on forwarding
+ * request bodies, it seems unwise to clear any Trailer
+ * header present. Is this the correct thing now?
+ */
+ if (force10)
+ apr_table_unset(r->headers_in, "Trailer");
+
/* We used to send `Host: ` always first, so let's keep it that
* way. No telling which legacy backend is relying no this.
*/
@@ -4073,33 +4104,6 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbr
}
}
- /* run hook to fixup the request we are about to send */
- proxy_run_fixups(r);
- if (ap_proxy_clear_connection(r, r->headers_in) < 0) {
- rc = HTTP_BAD_REQUEST;
- goto cleanup;
- }
-
- creds = apr_table_get(r->notes, "proxy-basic-creds");
- if (creds) {
- apr_table_mergen(r->headers_in, "Proxy-Authorization", creds);
- }
-
- /* Clear out hop-by-hop request headers not to send
- * RFC2616 13.5.1 says we should strip these headers
- */
- apr_table_unset(r->headers_in, "Keep-Alive");
- apr_table_unset(r->headers_in, "TE");
-
- /* FIXME: since we now handle r->trailers_in on forwarding
- * request bodies, it seems unwise to clear any Trailer
- * header present. Is this the correct thing now?
- */
- if (force10)
- apr_table_unset(r->headers_in, "Trailer");
-
- apr_table_unset(r->headers_in, "Upgrade");
-
/* Do we want to strip Proxy-Authorization ?
* If we haven't used it, then NO
* If we have used it then MAYBE: RFC2616 says we MAY propagate it.
@@ -4110,19 +4114,6 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbr
apr_table_unset(r->headers_in, "Proxy-Authorization");
}
- /* Return the original Transfer-Encoding and/or Content-Length values
- * and drop the headers, they must be set by the proxy handler based
- * on the actual body being forwarded.
- */
- if ((*old_te_val = (char *)apr_table_get(saved_headers_in,
- "Transfer-Encoding"))) {
- apr_table_unset(r->headers_in, "Transfer-Encoding");
- }
- if ((*old_cl_val = (char *)apr_table_get(saved_headers_in,
- "Content-Length"))) {
- apr_table_unset(r->headers_in, "Content-Length");
- }
-
/* for sub-requests, ignore freshness/expiry headers */
if (r->main) {
apr_table_unset(r->headers_in, "If-Match");
@@ -4132,6 +4123,15 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbr
apr_table_unset(r->headers_in, "If-None-Match");
}
+ /* Add credentials (per worker) if any */
+ creds = apr_table_get(r->notes, "proxy-basic-creds");
+ if (creds) {
+ apr_table_mergen(r->headers_in, "Proxy-Authorization", creds);
+ }
+
+ /* run hook to fixup the request we are about to send */
+ proxy_run_fixups(r);
+
/* Append the (remaining) headers to the brigade */
ap_h1_append_headers(header_brigade, r, r->headers_in);