Skip to content
  1. Aug 27, 2001
    • Cliff Woolley's avatar
      The consensus now is that mod_include should just butt out of any decisions · ae0b5278
      Cliff Woolley authored 
      about what to do with different request methods.  It's true that mod_include
in 1.3.x did not allow POST, but back then it was a handler.  Now it's a
filter and can be used to filter the output of dynamically generated responses,
even ones resulting from a POST request.  So if mod_include is in the filter
stack, it should just blindly parse the brigade regardless of request method.

This still fixes the security problem, it just fixes it by being more flexible
rather than less so.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90728 13f79535-47bb-0310-9956-ffa450edef68
      ae0b5278
    • Ryan Bloom's avatar
      Allow mod_ssl to send back an error message if an HTTP request is sent · 0adbf1ad
      Ryan Bloom authored 
      over an HTTPS connection.  This also adds an ap_remove_input_filter
function, which should be used to remove the SSL input filter in this
case, as soon as this code is stressed a bit more.

For right now, we are sending the same message that we used to send in
mod_ssl for Apache 1.3.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90724 13f79535-47bb-0310-9956-ffa450edef68
      0adbf1ad
    • William A. Rowe Jr's avatar
      · 2fc2c498
      William A. Rowe Jr authored 
        Clean up location_walk, so that this step performs a minimum
  amount of redundant effort (it must be run twice, but it will no
  longer reparse all <Location > blocks when the request uri
  hadn't changed.)

  The location walk block is refactored, with some significant changes
  in variable names for legibility.  Cooler still, it uses pool data
  instead of 'notes' for the important cache info :)

  Note the patch builds the <Location > per dir config from _nothing_,
  and then merges it into the per_dir_config.  When the underlying
  per_dir_config changes between passes, the location_walk can simply
  tack back on this preconstruct onto the new per_dir_config.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90713 13f79535-47bb-0310-9956-ffa450edef68
      2fc2c498
  3. Aug 26, 2001
  5. Aug 25, 2001
    • William A. Rowe Jr's avatar
      · 12c80eba
      William A. Rowe Jr authored 
        Introduce the map_to_storage hook, which allows modules to bypass
  the directory_walk and file_walk for non-file requests.  TRACE
  shortcut moved to http_protocol.c as APR_HOOK_MIDDLE, and the
  directory_walk/file_walk happen as APR_HOOK_VERY_LAST in core.c.

  A seperate patch to mod_proxy is required to short circuit both the
  TRACE and directory_walk/file_walk stuff.  That patch is next.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90665 13f79535-47bb-0310-9956-ffa450edef68
      12c80eba
    • Ryan Bloom's avatar
      Add the ability for mod_include to add the INCLUDES filter · 50dc7fb6
      Ryan Bloom authored 
      if the file is configured for the server-parsed handler.
This makes the configuration for .shtml files much easier
to understand, and allows mod_include to honor Apache 1.3
config files.   Based on Doug MacEachern's patch to PHP
to do the same thing.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90655 13f79535-47bb-0310-9956-ffa450edef68
      50dc7fb6
  7. Aug 24, 2001
  9. Aug 23, 2001
    • Paul J. Reder's avatar
      · f00c1e7f
      Paul J. Reder authored 
      Fix for mod_include. Ryan's patch to check error
codes put a return in the wrong place. Also, the
include handler return code wasn't being checked.
I don't like macros with returns, so I converted
SPLIT_AND_PASS_PRETAG_BUCKETS into a function.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90554 13f79535-47bb-0310-9956-ffa450edef68
      f00c1e7f
  11. Aug 22, 2001
  13. Aug 21, 2001
  15. Aug 20, 2001
  17. Aug 19, 2001
  19. Aug 18, 2001
  21. Aug 17, 2001
  23. Aug 16, 2001