- Mar 25, 2002
-
-
Graham Leggett authored
only overriding if the request is a proxy request. It has been pointed out that the previous fix allows CGIs and modules to override the Server header, which is change to previous behavior. PR: Obtained from: Submitted by: Graham Leggett, Joshua Slive Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94165 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
luck this bug is actually now dead. PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94164 13f79535-47bb-0310-9956-ffa450edef68
-
Martin Kraemer authored
(indent | pr -t -e8) without changing anything else. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94158 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 22, 2002
-
-
Martin Kraemer authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94123 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 21, 2002
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94104 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94102 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94101 13f79535-47bb-0310-9956-ffa450edef68
-
Cliff Woolley authored
functionally useless. This gets rid of them without changing the behavior at all (ie, it doesn't matter if this change makes it in to 1.3.24 or not). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94100 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94099 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94098 13f79535-47bb-0310-9956-ffa450edef68
-
Cliff Woolley authored
but send_parsed_content() was ignoring THEIR return codes, resulting in another segfault in a related set of circumstances. In all cases we should consider ret!=0 from any of the handle_foo() functions to mean premature EOF was encountered. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94097 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Couple of newly recognized dependencies git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94096 13f79535-47bb-0310-9956-ffa450edef68
-
Aaron Bannert authored
Also mention isindex-style query argument passing, so we don't confuse this with QUERY_STRING. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94093 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Introduce proper escaping of command.com and cmd.exe for Win32. These patches close vulnerability CAN-2002-0061, identified and reported by Ory Segal <ory.segal@sanctuminc> 13 Feb 2002, by which any invocation of .bat or .cmd files permit system comprimize when cmd.exe parsed the args passed from QUERY_STRING. [William Rowe] Patches of the set reviewed by Allan Edwards and Bill Stoddard, while the security solutions were reviewed at length by the entire security community at the ASF. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94092 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Retain the Unix sh escapes list for compatibility. [William Rowe] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94090 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Share ap_double_quotes() code between OS2 and Win32 to use for Win32's command.com, and introduce ap_caret_escape_args() for Win32's cmd.exe. [William Rowe] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94089 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
directive handles this. PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94086 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
the original site Server header with it's own, which is not allowed by RFC2616. Fixed. PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94085 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
the URL instead of the value of the ServerName directive. This stops Apache redirecting to a different website name to the one the user typed in, which can break cookies and javascript handling on the client. PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94084 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
are broken in that they contain dates which in turn contain commas - so merging and then unmerging them breaks Set-Cookie headers. Sigh. PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94082 13f79535-47bb-0310-9956-ffa450edef68
-
Cliff Woolley authored
notice premature EOF's while looking for the "expr=" tag. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94079 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Clear up a signed/unsigned comparison and assignment. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94078 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Introduce earlier identification of command.com v.s. cmd.exe for Win32 .bat/.cmd scripts, and assure we treat command.com as a 16-bit application. [William Rowe] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94077 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Clarify some difficult to read code by modifying comments to express the current behavior, and deprecate some long unused win32 code. [William Rowe] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94076 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Pass the command line to the cmd.exe /c interpreter double quoted. This fixes a bug that CGI args ending in a double-quote would cause invocation to fail. Just fixed the converse problem in Apache 2.0, where assumed they all acted as cmd.exe, which command.com will not. [William Rowe] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94075 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Win32; Never invoke cmd or bat scripts based on the registry, even with 'ScriptInterpreterSource Registry' enabled, since I've discovered the registry is inconsistent between the versions of WinNT/2K/XP. [William Rowe] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94074 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Provide Win32 users a log of the cgi command invoked, to assist in debugging scripts, at LogLevel info. Also provide env vars at LogLevel debug for additional help to admins troubleshooting the ever mysterious "Premature end of script headers" error. Since this is the single most common cause of trouble reports on the newslist, at least this gives us something to point users at. [Aaron Bannert] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94073 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Add the 'CgiCommandArgs off' directive, to allow paranoid admins to disable the query argument passing mechanism in Apache. [Aaron Bannert] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94072 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 19, 2002
-
-
Lars Eilebrecht authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94022 13f79535-47bb-0310-9956-ffa450edef68
-
Bill Stoddard authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94021 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
PR: Obtained from: Submitted by: Reviewed by: CVSe ---------------------------------------------------------------------- git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@94016 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 16, 2002
-
-
William A. Rowe Jr authored
Yes Cliff... this can go in changes too. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93975 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Resolve bugs introduced by my Rev 1.173, which attempted to close a type mismatch error. This truncation should now produce a random result, once again. PR 10090, 10185 Bug pinpointed by Jeroen Boomgaardt <jeroen@swissclue.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93974 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 14, 2002
-
-
Martin Kraemer authored
PR: 9932 Submitted by: Joshua Colvin <joshua@jammed.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93933 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 13, 2002
-
-
Roy T. Fielding authored
the wrong license. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93919 13f79535-47bb-0310-9956-ffa450edef68
-
Bradley Nicholes authored
configuration file errors to the logger screen rather than to the Apache screen. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93905 13f79535-47bb-0310-9956-ffa450edef68
-
Bradley Nicholes authored
configuration file errors to the logger screen rather than to the Apache screen. This allows Apache to shutdown cleanly and completely on an error condition without losing the error information that was written to the screen or requiring user interaction to close the Apache screen. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93904 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 09, 2002
-
-
Graham Leggett authored
buffer used while reading from the remote server in proxy was taken from ProxyReceiveBufferSize. These two functions were similar but not the same, thus the need for the split. PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93821 13f79535-47bb-0310-9956-ffa450edef68
-
David McCreedy authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93809 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 08, 2002
-
-
Graham Leggett authored
wrong variable. PR: Obtained from: Submitted by: Geff Hanoian <geff@pier64.com> Reviewed by: Graham Leggett git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93803 13f79535-47bb-0310-9956-ffa450edef68
-