- Oct 02, 2002
-
-
William A. Rowe Jr authored
ap_server_signature() against this cross-site scripting vulnerability exposed by the directive 'UseCanonicalName Off'. Also HTML-escape the SERVER_NAME environment variable for CGI and SSI requests. It's safe to escape as only the '<', '>', and '&' characters are affected, which won't appear in a valid hostname. Reported by Matthew Murphy <mattmurphy@kc.rr.com>. [Brian Pane] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97064 13f79535-47bb-0310-9956-ffa450edef68
-
Paul J. Reder authored
Fix a core dump in mod_cache when it attemtped to store uncopyable buckets. This happened, for instance, when a file to be cached contained SSI tags to execute a CGI script (passed as a pipe bucket). [Paul J. Reder] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97058 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
when the content-length filter realizes that no new output will be available for a while. This helps some streaming CGIs as well as some other dynamically-generated content. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97054 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 01, 2002
-
-
Jeff Trawick authored
could lead to an infinite loop. PR: 12705 Diagnosis submitted by: amund.elstad@ergo.no (Amund Elstad) Coded by: Jeff Trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97048 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 30, 2002
-
-
Ryan Bloom authored
Mod_Dav was always setting the r->handler field to "dav_handler", but this means that mod_cgi won't run the script. According to my reading of the DAV RFC, mod_dav shouldn't do anything at all with a POST request, because it is impossible to know if the POST was meant for DAV or for some other resource. We used to excuse POST from DAV processing, so I have re-enabled that behavior. PR: 13025 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97016 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 28, 2002
-
-
Ryan Bloom authored
This matches what Apache 1.3 does. Also add documentation for this feature. PR: 9299 Submitted by: Jay Ball <jay@veggiespam.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97001 13f79535-47bb-0310-9956-ffa450edef68
-
Ian Holsman authored
This adds the ability to log the bytes sent and received for each request Submitted by: Bojan Smojver <bojan@rexursive.com> Reviewed by: Justin & Ian git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97000 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 27, 2002
-
-
Ryan Bloom authored
directory. PR: 8789, 13104 Submitted by: SangBeom han <sbhan@os.korea.ac.kr> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96994 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
PR: Obtained from: Submitted by: Thomas Bennett <thomas.bennett@eds.com> Reviewed by: Graham Leggett git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96988 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 26, 2002
-
-
Graham Leggett authored
passed on a 4xx error by proxy. Previously all headers were dropped, resulting in the browser being unable to authenticate. PR: Obtained from: Submitted by: Dr Richard Reiner <rreiner@fscinternet.com>, Richard Danielli <rdanielli@fscinternet.com>, Graham Wiseman <gwiseman@fscinternet.com>, David Henderson <dhenderson@fscinternet.com> Reviewed by: Graham Leggett git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96982 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 25, 2002
-
-
Brian Pane authored
properly inherit CacheMaxStreamingBuffer PR: Obtained from: Matthieu Estrade <estrade-m@ifrance.com> Reviewed by: Brian Pane git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96972 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 20, 2002
-
-
Justin Erenkrantz authored
the DSO link problems for DAV and the new aaa modules by moving the provider code into the core of the server and generalizing them to be used by any code. Remove the auth{nz}_*_provider functions as they are no longer needed. Change the dav_*_provider functions to wrap the ap_*_provider functions as they have a bit more of a historical precedent that we should keep around. Reviewed by: John K. Sterling <john@sterls.com> (in concept) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96919 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 19, 2002
-
-
Sander Striker authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96909 13f79535-47bb-0310-9956-ffa450edef68
-
Sander Striker authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96907 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
compile and link helper programs that use apr/apr-util. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96900 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 17, 2002
-
-
Jim Jagielski authored
is now case insensitive. Before, 'http/1.1' would silently be forced to HTTP/1.0 PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96857 13f79535-47bb-0310-9956-ffa450edef68
-
Sander Striker authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96855 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 16, 2002
-
-
Sander Striker authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96848 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 15, 2002
-
-
Justin Erenkrantz authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96819 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96818 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 14, 2002
-
-
Justin Erenkrantz authored
(I intend to add this back in if/when mod_authn_file can support the {algo} password semantics, but we can't do a release with this code in place.) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96817 13f79535-47bb-0310-9956-ffa450edef68
-
Brian Pane authored
because this was causing 200s to be sent on responses that were really 304s Submitted by: Kris Verbeeck <Kris.Verbeeck@ubizen.com> Reviewed by: Brian Pane git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96803 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 12, 2002
-
-
Ian Holsman authored
Include statement (eg.. include /foo/bar/*.conf). and remove the noise on stderr during config dir processing. Submitted by: Joe Orton <jorton@redhat.com> Reviewed by: Ian Holsman, Brian Pane git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96776 13f79535-47bb-0310-9956-ffa450edef68
-
Paul J. Reder authored
mod_cache: cache_storage.c. Add the hostname and any request args to the key generated for caching. This provides a unique key for each virtual host and for each request with unique args. [Paul J. Reder, args code provided by Kris Verbeeck] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96773 13f79535-47bb-0310-9956-ffa450edef68
-
Bill Stoddard authored
URLs if the origin server does not explicitly provide an Expires header on the response (RFC 2616 Section 13.9) Submitted by: Kris Verbeeck <krisv@be.ubizen.com> Reviewed by: Bill Stoddard git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96772 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 10, 2002
-
-
Justin Erenkrantz authored
This would result in at least two EOS buckets being leaked per connection. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96752 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
mod_auth_digest's passwords can not be obfuscated by the APR magic sequence (as we don't call apr_password_validate on them), therefore we need a tool to produce true MD5 hex hashes. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96737 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
All modules are reorganized under the following scheme: - mod_auth_*: Front-end (basic, digest) - mod_authn_*: Authentication (anon, dbm, default, file) - mod_authz_*: Authorization (dbm, default, groupfile, host, user) This passes the httpd-test suite when it accounts for the renaming of aaa modules. Originally written by: Dirk-Willem van Gulik Completed by: Justin Erenkrantz git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96728 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 09, 2002
-
-
Justin Erenkrantz authored
Submitted by: Sander Temme <sctemme@covalent.net> Reviewed by: Dirk, Justin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96726 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 06, 2002
-
-
Joshua Slive authored
Note that this is not supposed to be a comprehensive list. Lots of people helped out. I just want to give a little credit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96684 13f79535-47bb-0310-9956-ffa450edef68
-
Joshua Slive authored
responsible for the design and implementation, so he deserves some credit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96664 13f79535-47bb-0310-9956-ffa450edef68
-
Brian Pane authored
Submitted by: Joe Schaefer <joe+apache@sunstarsys.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96662 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 05, 2002
-
-
Justin Erenkrantz authored
This directive allows mod_mime to lookup extension information for content served via Location blocks so that content-type, filters, etc can be applied to non-file content. (I wouldn't be shocked if we end up changing the directive name.) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96644 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 04, 2002
-
-
Brian Pane authored
Notes: * I've created a new config directive CacheMaxStreamingBuffer, to set the maximum amount of data that mod_cache will buffer per request if it hasn't yet seen an EOS. The default is zero, which preserves the original behavior: cache only if the response has a known content-length or all the content is available in the first brigade passed to the CACHE_IN filter. * A big block of code in cache_in_filter() got wrapped in an if-statement in this change. To make the diff more readable, I'm committing without indentation changes; a second commit will include (only) the indentation update. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96631 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 03, 2002
-
-
Ian Holsman authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96623 13f79535-47bb-0310-9956-ffa450edef68
-
Ian Holsman authored
PR: 10993 Submitted by: Peter Bieringer <pb@bieringer.de> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96621 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 01, 2002
-
-
Justin Erenkrantz authored
- Fix segfault on strlen computation on the empty string in vlv case - If the etag is "", don't set the ETag header to be "" - leave the header NULL instead. Andrew's patch would change ap_meets_condition to accept "", but Justin thinks it would be better just to sidestep it all together and not set ETag when it would be "". PR: 12207 Submitted by: Andrew Ho <andrew@tellme.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96609 13f79535-47bb-0310-9956-ffa450edef68
-
Brian Pane authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96608 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 30, 2002
-
-
Ian Holsman authored
in it never being applied for non-html files Submitted by: Kris Verbeeck <Kris.Verbeeck@ubizen.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96588 13f79535-47bb-0310-9956-ffa450edef68
-
Martin Kraemer authored
> Hello, > > I love httpd2 and I really like apachebench but using the gnuplot > output option (-g) gave me this: > > starttime seconds ctime dtime ttime wait > Thu Aug 29 12:29:31 200 1030620571362758 0 54 54 0 > > It's truncating the year. Now according to > http://apr.apache.org/docs/apr/group__APR__Time.html#a15 "Unlike > ANSI/ISO C ctime(), apr_ctime() does not include a \n", so the code > and comment in ab.c are wrong, hence my attached patch to remove them. Submitted by: Leon Brocard <acme@astray.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96586 13f79535-47bb-0310-9956-ffa450edef68
-