Commit 33bc6263 authored by William A. Rowe Jr's avatar William A. Rowe Jr
Browse files 

  The TRACE method control belonged in mod_proxy, it shouldn't
  have been hiding in the http-only proxy provider.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@209384 13f79535-47bb-0310-9956-ffa450edef68
parent 80ab2b89

src/modules/proxy/mod_proxy.c

+33 −0
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ 
#define CORE_PRIVATE



#include "http_log.h"

#include "http_core.h"

#include "http_vhost.h"

#include "http_request.h"
@@ -279,6 +280,38 @@ static int proxy_handler(request_rec *r) 
    if ((rc = ap_setup_client_block(r, REQUEST_CHUNKED_ERROR)))

        return rc;



    if (r->method_number == M_TRACE) {

        core_server_config *coreconf = (core_server_config *)

             ap_get_module_config(r->server->module_config, &core_module);



        if (coreconf->trace_enable == AP_TRACE_DISABLE)

        {

            /* Allow "error-notes" string to be printed by ap_send_error_response()

             * Note; this goes nowhere, canned error response need an overhaul.

             */

            ap_table_setn(r->notes, "error-notes",

                           "TRACE forbidden by server configuration");

            ap_table_setn(r->notes, "verbose-error-to", "*");

            ap_log_rerror(APLOG_MARK, APLOG_ERR, r,

                          "proxy: TRACE forbidden by server configuration");

            return HTTP_FORBIDDEN;

        }



        if (coreconf->trace_enable != AP_TRACE_EXTENDED 

            && (r->read_length || r->read_chunked || r->remaining))

        {

            /* Allow "error-notes" string to be printed by ap_send_error_response()

             * Note; this goes nowhere, canned error response need an overhaul.

             */

            ap_table_setn(r->notes, "error-notes",

                           "TRACE with request body is not allowed");

            ap_table_setn(r->notes, "verbose-error-to", "*");

            ap_log_rerror(APLOG_MARK, APLOG_ERR, r,

                          "proxy: TRACE with request body is not allowed");

            return HTTP_REQUEST_ENTITY_TOO_LARGE;

        }

    }



    url = r->filename + 6;

    p = strchr(url, ':');

    if (p == NULL)

src/modules/proxy/proxy_http.c

+0 −19
Original line number Diff line number Diff line
@@ -15,7 +15,6 @@ 


/* HTTP routines for Apache proxy */



#define CORE_PRIVATE   /* To inspect core_server_conf->trace_enable */

#include "mod_proxy.h"

#include "http_log.h"

#include "http_main.h"
@@ -142,24 +141,6 @@ int ap_proxy_http_handler(request_rec *r, cache_req *c, char *url, 
    memset(&server, '\0', sizeof(server));

    server.sin_family = AF_INET;

    

    if (r->method_number == M_TRACE) {

        core_server_config *coreconf = (core_server_config *)

             ap_get_module_config(r->server->module_config, &core_module);



        if (coreconf->trace_enable == AP_TRACE_DISABLE)

            return ap_proxyerror(r, HTTP_FORBIDDEN,

                                 "TRACE denied by server configuration");



        /* Can't test ap_should_client_block, we aren't ready to send

         * the client a 100 Continue response till the connection has

         * been established

         */

        if (coreconf->trace_enable != AP_TRACE_EXTENDED 

            && (r->read_length || (!r->read_chunked && (r->remaining <= 0))))

            return ap_proxyerror(r, HTTP_REQUEST_ENTITY_TOO_LARGE,

                                 "TRACE with request body is not allowed");

    }

    

    /* We break the URL into host, port, path-search */



    urlptr = strstr(url, "://");