Merge r1667676, r1826207 from trunk: (cc6357f0) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Commit cc6357f0 authored Mar 09, 2018 by

Joe Orton

Merge r1667676, r1826207 from trunk:

* mod_access_compat, mod_authz_host: Handle '#' character.
For mod_access_compat, disable '#' in hostname completely.
For mod_authz_host, treat '#' as a comment and ignore everything after that.
This allows better handling of admin errors like
'Require host localhost# Add example.com later'.

* modules/aaa/mod_authz_host.c (host_check_authorization): Simplify
  comment stripping in "Require host"; log a warning if a comment is
  used in 'Require host', or an error if the expression is empty with
  the comment stripped. (Currently in 2.4, #comment part is parsed)

Submitted by: jkaluza, jorton
Reviewed by: jorton, jim, ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826309 13f79535-47bb-0310-9956-ffa450edef68

parent dba3b47d

Hide whitespace changes

Inline Side-by-side

Please register or to comment