Skip to content
  1. Nov 02, 2003
  2. Nov 01, 2003
  3. Oct 30, 2003
  4. Oct 29, 2003
  5. Oct 26, 2003
  6. Oct 24, 2003
  7. Oct 23, 2003
  8. Oct 22, 2003
  9. Oct 15, 2003
  10. Oct 14, 2003
  11. Oct 11, 2003
  12. Oct 10, 2003
  13. Oct 02, 2003
  14. Sep 30, 2003
  15. Sep 29, 2003
  16. Sep 27, 2003
  17. Sep 25, 2003
  18. Sep 23, 2003
    • Cliff Woolley's avatar
      The problem that this patch solves is one where cookie names are mis-identified · 86429387
      Cliff Woolley authored
      by mod_usertrack. This is because of the use of strstr() in spot_cookie() the
      original mod_usertrack.c to find the name of the cookie. strstr(), by virtue of
      looking for a substring instead of an exact match, can mis-identify the cookie
      "MyID" as the cookie "ID" or "My". So, if you were looking for the value of the
      cookie "ID", but only the cookie "MyID" was returned by the browser,
      mod_usertrack.c would return the value of the "MyID" cookie in place of the
      "ID" you were looking for.
      
      Even more seriously, because strstr is invoked before the cookie name is
      separated from its cookie value, a cookie and value like
      "myCookie=thisisnotIDeal" will be a false positive if you told mod_usertrack
      the cookie name was ID. Furthermore, using this example, "eal" will get logged
      as the value of the cookie; now that strstr has incorrectly identified the
      substring "ID" as the cookie name, the following "e" (assumed to be the "="
      sign) gets discarded, and the remaining content used as the value of
      the cookie.
      
      Replacing the strstr() with a more robust regex match fixes this problem.
      
      PR:    16661
      Submitted by:   Manni Wood <manniwood@planet-save.com>
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101306 13f79535-47bb-0310-9956-ffa450edef68
      86429387
  19. Sep 19, 2003
  20. Sep 17, 2003
  21. Sep 16, 2003
  22. Sep 15, 2003
  23. Sep 12, 2003
    • Paul J. Reder's avatar
      · 1cc25263
      Paul J. Reder authored
       This fixes the cache code so that responses can be cached if they have
       an Expires header but no Etag or Last-Modified headers. PR 23130.
       Submitted by: <bjorn@exoweb.net>
       Reviewed by: Paul J. Reder
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101231 13f79535-47bb-0310-9956-ffa450edef68
      1cc25263
  24. Sep 11, 2003
    • Paul J. Reder's avatar
      · 21c59ded
      Paul J. Reder authored
      Fix a couple of AIX xlc_r compiler issues in the cache code I previously
      committed. [Paul J. Reder]
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101221 13f79535-47bb-0310-9956-ffa450edef68
      21c59ded
    • Paul J. Reder's avatar
      · 5e0fe314
      Paul J. Reder authored
        Modified the cache code to be header-location agnostic. Also
        fixed a number of other cache code bugs related to PR 15852.
        Includes a patch submitted by Sushma Rai <rsushma@novell.com>.
        This fixes mod_mem_cache but not mod_disk_cache yet so I'm not
        closing the PR since that is what they are using. [Paul J. Reder]
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101218 13f79535-47bb-0310-9956-ffa450edef68
      5e0fe314