You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ni...@apache.org on 2007/10/02 16:16:03 UTC

svn commit: r581253 - /httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml

Author: niq
Date: Tue Oct  2 07:16:03 2007
New Revision: 581253

URL: http://svn.apache.org/viewvc?rev=581253&view=rev
Log:
Document ProxyMaxForwards change in r581117

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml?rev=581253&r1=581252&r2=581253&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml Tue Oct  2 07:16:03 2007
@@ -1087,20 +1087,29 @@
 <description>Maximium number of proxies that a request can be forwarded
 through</description>
 <syntax>ProxyMaxForwards <var>number</var></syntax>
-<default>ProxyMaxForwards 10</default>
+<default>ProxyMaxForwards -1</default>
 <contextlist><context>server config</context><context>virtual host</context>
 </contextlist>
-<compatibility>Available in Apache 2.0 and later</compatibility>
+<compatibility>Available in Apache 2.0 and later;
+	default behaviour changed in 2.2.7/2.3</compatibility>
 
 <usage>
     <p>The <directive>ProxyMaxForwards</directive> directive specifies the
     maximum number of proxies through which a request may pass, if there's no
-    <code>Max-Forwards</code> header supplied with the request. This is
-    set to prevent infinite proxy loops, or a DoS attack.</p>
+    <code>Max-Forwards</code> header supplied with the request. This may
+    be set to prevent infinite proxy loops, or a DoS attack.</p>
 
     <example><title>Example</title>
       ProxyMaxForwards 15
     </example>
+
+    <p>Note that setting <directive>ProxyMaxForwards</directive> is a
+    violation of the HTTP/1.1 protocol (RFC2616), which forbids a Proxy
+    setting <code>Max-Forwards</code> if the Client didn't set it.
+    Earlier Apache versions would always set it.  A negative
+    <directive>ProxyMaxForwards</directive> value, including the
+    default -1, gives you protocol-compliant behaviour, but may
+    leave you open to loops.</p>
 </usage>
 </directivesynopsis>