You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ni...@apache.org on 2007/10/02 16:16:03 UTC
svn commit: r581253 - /httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml
Author: niq
Date: Tue Oct 2 07:16:03 2007
New Revision: 581253
URL: http://svn.apache.org/viewvc?rev=581253&view=rev
Log:
Document ProxyMaxForwards change in r581117
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml?rev=581253&r1=581252&r2=581253&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml Tue Oct 2 07:16:03 2007
@@ -1087,20 +1087,29 @@
<description>Maximium number of proxies that a request can be forwarded
through</description>
<syntax>ProxyMaxForwards <var>number</var></syntax>
-<default>ProxyMaxForwards 10</default>
+<default>ProxyMaxForwards -1</default>
<contextlist><context>server config</context><context>virtual host</context>
</contextlist>
-<compatibility>Available in Apache 2.0 and later</compatibility>
+<compatibility>Available in Apache 2.0 and later;
+ default behaviour changed in 2.2.7/2.3</compatibility>
<usage>
<p>The <directive>ProxyMaxForwards</directive> directive specifies the
maximum number of proxies through which a request may pass, if there's no
- <code>Max-Forwards</code> header supplied with the request. This is
- set to prevent infinite proxy loops, or a DoS attack.</p>
+ <code>Max-Forwards</code> header supplied with the request. This may
+ be set to prevent infinite proxy loops, or a DoS attack.</p>
<example><title>Example</title>
ProxyMaxForwards 15
</example>
+
+ <p>Note that setting <directive>ProxyMaxForwards</directive> is a
+ violation of the HTTP/1.1 protocol (RFC2616), which forbids a Proxy
+ setting <code>Max-Forwards</code> if the Client didn't set it.
+ Earlier Apache versions would always set it. A negative
+ <directive>ProxyMaxForwards</directive> value, including the
+ default -1, gives you protocol-compliant behaviour, but may
+ leave you open to loops.</p>
</usage>
</directivesynopsis>