Commit 2958118a authored by Luca Toscano's avatar Luca Toscano
Browse files

mod_rewrite,core: avoid Vary:Host (part 2) 

This is a follow up of r1808746 after a chat
with Yann on dev@:

- the HTTP:Host variable suffers from the same problem
- the strcasecmp should be used to allow case-sensitive
  comparisons.
- in mod_rewrite is less cumbersome and more clean to just
  make the Host header check in lookup_header, so it will
  be automatically picked up by every part of the code
  that uses it. It shouldn't be a relevant overhead for
  mod_rewrite.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1809028 13f79535-47bb-0310-9956-ffa450edef68
parent ca43ff18

CHANGES

+1 −1
Original line number Diff line number Diff line
@@ -5,7 +5,7 @@ Changes with Apache 2.5.0 
     PR 38923 [Nick Kew]



  *) mod_rewrite, core: Avoid the 'Vary: Host' response header when HTTP_HOST is

     used in a condition that evaluates to true. PR 58231 [Luca Toscano]

     used in a condition that evaluates to true. PR 58231 [Luca Toscano, Yann Ylavic]



  *) mod_md: v0.9.6: a "MDRequireHttps permament" configured domain automatically sends out

     HSTS (rfc 6797) headers in https: responses. [Stefan Eissing]

modules/mappers/mod_rewrite.c

+5 −5
Original line number Diff line number Diff line
@@ -1808,7 +1808,10 @@ static const char *lookup_header(const char *name, rewrite_ctx *ctx) 
{

    const char *val = apr_table_get(ctx->r->headers_in, name);



    if (val) {

    /* Skip the 'Vary: Host' header combination

     * as indicated in rfc7231 section-7.1.4

     */

    if (val && strcasecmp(name, "Host") != 0) {

        ctx->vary_this = ctx->vary_this

                         ? apr_pstrcat(ctx->r->pool, ctx->vary_this, ", ",

                                       name, NULL)
@@ -2035,10 +2038,7 @@ static char *lookup_variable(char *var, rewrite_ctx *ctx) 


            case 'S':

                if (!strcmp(var, "HTTP_HOST")) {

                    /* Skip the 'Vary: Host' header combination

                     * as indicated in rfc7231 section-7.1.4

                     */

                    result = apr_table_get(ctx->r->headers_in, "Host");

                    result = lookup_header("Host", ctx);

                }

                break;

server/util_expr_eval.c

+7 −2
Original line number Diff line number Diff line
@@ -1044,8 +1044,13 @@ static const char *req_table_func(ap_expr_eval_ctx_t *ctx, const void *data, 
        t = ctx->r->headers_in;

    else {                          /* req, http */

        t = ctx->r->headers_in;

        /* Skip the 'Vary: Host' header combination

         * as indicated in rfc7231 section-7.1.4

         */

        if (strcasecmp(arg, "Host")){

            add_vary(ctx, arg);

        }

    }

    return apr_table_get(t, arg);

}
@@ -1609,7 +1614,7 @@ static const char *req_header_var_fn(ap_expr_eval_ctx_t *ctx, const void *data) 
    /* Skip the 'Vary: Host' header combination

     * as indicated in rfc7231 section-7.1.4

     */

    if (strcmp(name, "Host")){

    if (strcasecmp(name, "Host")){

        add_vary(ctx, name);

    }

    return apr_table_get(ctx->r->headers_in, name);